2012-01-03 23:33:31 +01:00
|
|
|
// Copyright (c) 2009-2010 Satoshi Nakamoto
|
2023-04-25 13:51:26 +02:00
|
|
|
// Copyright (c) 2009-2020 The Bitcoin Core developers
|
2014-12-13 05:09:33 +01:00
|
|
|
// Distributed under the MIT software license, see the accompanying
|
2012-05-18 16:02:28 +02:00
|
|
|
// file COPYING or http://www.opensource.org/licenses/mit-license.php.
|
2012-01-03 23:33:31 +01:00
|
|
|
|
2020-03-19 23:46:56 +01:00
|
|
|
#include <netbase.h>
|
2013-04-13 07:13:08 +02:00
|
|
|
|
2020-11-18 17:13:27 +01:00
|
|
|
#include <compat.h>
|
2020-03-19 23:46:56 +01:00
|
|
|
#include <sync.h>
|
2018-04-13 19:15:35 +02:00
|
|
|
#include <tinyformat.h>
|
2022-10-26 13:25:11 +02:00
|
|
|
#include <util/sock.h>
|
2021-06-27 08:33:13 +02:00
|
|
|
#include <util/strencodings.h>
|
Merge #17754: net: Don't allow resolving of std::string with embedded NUL characters. Add tests.
7a046cdc1423963bdcbcf9bb98560af61fa90b37 tests: Avoid using C-style NUL-terminated strings as arguments (practicalswift)
fefb9165f23fe9d10ad092ec31715f906e0d2ee7 tests: Add tests to make sure lookup methods fail on std::string parameters with embedded NUL characters (practicalswift)
9574de86ad703ad942cdd0eca79f48c0d42b102b net: Avoid using C-style NUL-terminated strings as arguments in the netbase interface (practicalswift)
Pull request description:
Don't allow resolving of `std::string`:s with embedded `NUL` characters.
Avoid using C-style `NUL`-terminated strings as arguments in the `netbase` interface
Add tests.
The only place in where C-style `NUL`-terminated strings are actually needed is here:
```diff
+ if (!ValidAsCString(name)) {
+ return false;
+ }
...
- int nErr = getaddrinfo(pszName, nullptr, &aiHint, &aiRes);
+ int nErr = getaddrinfo(name.c_str(), nullptr, &aiHint, &aiRes);
if (nErr)
return false;
```
Interface changes:
```diff
-bool LookupHost(const char *pszName, std::vector<CNetAddr>& vIP, unsigned int nMaxSolutions, bool fAllowLookup);
+bool LookupHost(const std::string& name, std::vector<CNetAddr>& vIP, unsigned int nMaxSolutions, bool fAllowLookup);
-bool LookupHost(const char *pszName, CNetAddr& addr, bool fAllowLookup);
+bool LookupHost(const std::string& name, CNetAddr& addr, bool fAllowLookup);
-bool Lookup(const char *pszName, CService& addr, int portDefault, bool fAllowLookup);
+bool Lookup(const std::string& name, CService& addr, int portDefault, bool fAllowLookup);
-bool Lookup(const char *pszName, std::vector<CService>& vAddr, int portDefault, bool fAllowLookup, unsigned int nMaxSolutions);
+bool Lookup(const std::string& name, std::vector<CService>& vAddr, int portDefault, bool fAllowLookup, unsigned int nMaxSolutions);
-bool LookupSubNet(const char *pszName, CSubNet& subnet);
+bool LookupSubNet(const std::string& strSubnet, CSubNet& subnet);
-CService LookupNumeric(const char *pszName, int portDefault = 0);
+CService LookupNumeric(const std::string& name, int portDefault = 0);
-bool ConnectThroughProxy(const proxyType &proxy, const std::string& strDest, int port, const SOCKET& hSocketRet, int nTimeout, bool *outProxyConnectionFailed);
+bool ConnectThroughProxy(const proxyType &proxy, const std::string& strDest, int port, const SOCKET& hSocketRet, int nTimeout, bool& outProxyConnectionFailed);
```
It should be noted that the `ConnectThroughProxy` change (from `bool *outProxyConnectionFailed` to `bool& outProxyConnectionFailed`) has nothing to do with `NUL` handling but I thought it was worth doing when touching this file :)
ACKs for top commit:
EthanHeilman:
ACK 7a046cdc1423963bdcbcf9bb98560af61fa90b37
laanwj:
ACK 7a046cdc1423963bdcbcf9bb98560af61fa90b37
Tree-SHA512: 66556e290db996917b54091acd591df221f72230f6b9f6b167b9195ee870ebef6e26f4cda2f6f54d00e1c362e1743bf56785d0de7cae854e6bf7d26f6caccaba
2020-01-22 20:14:12 +01:00
|
|
|
#include <util/string.h>
|
|
|
|
#include <util/system.h>
|
2022-10-26 13:25:11 +02:00
|
|
|
#include <util/time.h>
|
2013-04-13 07:13:08 +02:00
|
|
|
|
2017-08-09 18:06:31 +02:00
|
|
|
#include <atomic>
|
2020-11-18 17:13:27 +01:00
|
|
|
#include <chrono>
|
2020-08-24 21:03:31 +02:00
|
|
|
#include <cstdint>
|
2022-10-26 13:25:11 +02:00
|
|
|
#include <functional>
|
|
|
|
#include <memory>
|
2013-04-13 07:13:08 +02:00
|
|
|
|
2012-01-03 23:33:31 +01:00
|
|
|
#ifndef WIN32
|
2013-07-17 10:51:40 +02:00
|
|
|
#include <fcntl.h>
|
2012-01-03 23:33:31 +01:00
|
|
|
#endif
|
|
|
|
|
2018-09-27 03:54:52 +02:00
|
|
|
#ifdef USE_POLL
|
|
|
|
#include <poll.h>
|
|
|
|
#endif
|
2012-01-03 23:33:31 +01:00
|
|
|
|
|
|
|
// Settings
|
Merge #19190: refactor: Replace RecursiveMutex with Mutex in netbase.cpp
78c8f4fe11706cf5c165777c2ca122bd933b8b6a refactor: Replace RecursiveMutex with Mutex in netbase.cpp (Hennadii Stepanov)
Pull request description:
The functions that could lock this mutex, i.e., `{S,G}etProxy()`, `{S,G}etNameProxy()`, `HaveNameProxy()`, `IsProxy()`, do not call itself recursively, and do not call each other either directly or indirectly. Therefore, the `g_proxyinfo_mutex` could be a non-recursive mutex.
Related to #19180.
ACKs for top commit:
MarcoFalke:
ACK 78c8f4fe11706cf5c165777c2ca122bd933b8b6a , reviewed with the -W git option 👮
vasild:
ACK 78c8f4fe verified that recursion does not happen
Tree-SHA512: fc077fb371f38af5d05f1383c6bebf9926167c257892936fefd2d4fe6f679ca40124d25099e09f645d8ec266df222f96c5d0f9fd39eddcad15cbde0b427bc205
2020-06-08 13:00:59 +02:00
|
|
|
static Mutex g_proxyinfo_mutex;
|
2021-08-30 14:33:29 +02:00
|
|
|
static Proxy proxyInfo[NET_MAX] GUARDED_BY(g_proxyinfo_mutex);
|
|
|
|
static Proxy nameProxy GUARDED_BY(g_proxyinfo_mutex);
|
2014-09-25 09:01:54 +02:00
|
|
|
int nConnectTimeout = DEFAULT_CONNECT_TIMEOUT;
|
2015-11-09 19:16:38 +01:00
|
|
|
bool fNameLookup = DEFAULT_NAME_LOOKUP;
|
2012-01-03 23:33:31 +01:00
|
|
|
|
2014-09-08 13:49:56 +02:00
|
|
|
// Need ample time for negotiation for very slow proxies such as Tor (milliseconds)
|
2020-06-07 18:59:46 +02:00
|
|
|
int g_socks5_recv_timeout = 20 * 1000;
|
2017-08-09 18:06:31 +02:00
|
|
|
static std::atomic<bool> interruptSocks5Recv(false);
|
2014-09-08 13:49:56 +02:00
|
|
|
|
2020-06-29 11:44:12 +02:00
|
|
|
std::vector<CNetAddr> WrappedGetAddrInfo(const std::string& name, bool allow_lookup)
|
|
|
|
{
|
|
|
|
addrinfo ai_hint{};
|
|
|
|
// We want a TCP port, which is a streaming socket type
|
|
|
|
ai_hint.ai_socktype = SOCK_STREAM;
|
|
|
|
ai_hint.ai_protocol = IPPROTO_TCP;
|
|
|
|
// We don't care which address family (IPv4 or IPv6) is returned
|
|
|
|
ai_hint.ai_family = AF_UNSPEC;
|
2024-07-18 23:51:16 +02:00
|
|
|
|
2020-06-29 11:44:12 +02:00
|
|
|
// If we allow lookups of hostnames, use the AI_ADDRCONFIG flag to only
|
|
|
|
// return addresses whose family we have an address configured for.
|
|
|
|
//
|
|
|
|
// If we don't allow lookups, then use the AI_NUMERICHOST flag for
|
|
|
|
// getaddrinfo to only decode numerical network addresses and suppress
|
|
|
|
// hostname lookups.
|
|
|
|
ai_hint.ai_flags = allow_lookup ? AI_ADDRCONFIG : AI_NUMERICHOST;
|
|
|
|
|
|
|
|
addrinfo* ai_res{nullptr};
|
|
|
|
const int n_err{getaddrinfo(name.c_str(), nullptr, &ai_hint, &ai_res)};
|
|
|
|
if (n_err != 0) {
|
2024-07-18 23:51:16 +02:00
|
|
|
if ((ai_hint.ai_flags & AI_ADDRCONFIG) == AI_ADDRCONFIG) {
|
|
|
|
// AI_ADDRCONFIG on some systems may exclude loopback-only addresses
|
|
|
|
// If first lookup failed we perform a second lookup without AI_ADDRCONFIG
|
|
|
|
ai_hint.ai_flags = (ai_hint.ai_flags & ~AI_ADDRCONFIG);
|
|
|
|
const int n_err_retry{getaddrinfo(name.c_str(), nullptr, &ai_hint, &ai_res)};
|
|
|
|
if (n_err_retry != 0) {
|
|
|
|
return {};
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
return {};
|
|
|
|
}
|
2020-06-29 11:44:12 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
// Traverse the linked list starting with ai_trav.
|
|
|
|
addrinfo* ai_trav{ai_res};
|
|
|
|
std::vector<CNetAddr> resolved_addresses;
|
|
|
|
while (ai_trav != nullptr) {
|
|
|
|
if (ai_trav->ai_family == AF_INET) {
|
|
|
|
assert(ai_trav->ai_addrlen >= sizeof(sockaddr_in));
|
|
|
|
resolved_addresses.emplace_back(reinterpret_cast<sockaddr_in*>(ai_trav->ai_addr)->sin_addr);
|
|
|
|
}
|
|
|
|
if (ai_trav->ai_family == AF_INET6) {
|
|
|
|
assert(ai_trav->ai_addrlen >= sizeof(sockaddr_in6));
|
|
|
|
const sockaddr_in6* s6{reinterpret_cast<sockaddr_in6*>(ai_trav->ai_addr)};
|
|
|
|
resolved_addresses.emplace_back(s6->sin6_addr, s6->sin6_scope_id);
|
|
|
|
}
|
|
|
|
ai_trav = ai_trav->ai_next;
|
|
|
|
}
|
|
|
|
freeaddrinfo(ai_res);
|
|
|
|
|
|
|
|
return resolved_addresses;
|
|
|
|
}
|
|
|
|
|
|
|
|
DNSLookupFn g_dns_lookup{WrappedGetAddrInfo};
|
|
|
|
|
2019-08-07 06:42:54 +02:00
|
|
|
enum Network ParseNetwork(const std::string& net_in) {
|
|
|
|
std::string net = ToLower(net_in);
|
2012-04-10 20:22:04 +02:00
|
|
|
if (net == "ipv4") return NET_IPV4;
|
|
|
|
if (net == "ipv6") return NET_IPV6;
|
2020-04-16 07:21:49 +02:00
|
|
|
if (net == "onion") return NET_ONION;
|
2018-06-27 07:42:30 +02:00
|
|
|
if (net == "tor") {
|
|
|
|
LogPrintf("Warning: net name 'tor' is deprecated and will be removed in the future. You should use 'onion' instead.\n");
|
2020-04-16 07:21:49 +02:00
|
|
|
return NET_ONION;
|
2018-06-27 07:42:30 +02:00
|
|
|
}
|
2020-11-18 17:13:27 +01:00
|
|
|
if (net == "i2p") {
|
|
|
|
return NET_I2P;
|
|
|
|
}
|
2024-05-27 11:24:31 +02:00
|
|
|
if (net == "cjdns") {
|
|
|
|
return NET_CJDNS;
|
|
|
|
}
|
2012-04-10 20:22:04 +02:00
|
|
|
return NET_UNROUTABLE;
|
|
|
|
}
|
|
|
|
|
Merge #20120: net, rpc, test, bugfix: update GetNetworkName, GetNetworksInfo, regression tests
7b5bd3102e06f7ff34b5d0f1d45a005560f265a5 test: add getnetworkinfo network name regression tests (Jon Atack)
9a75e1e5697476058b56cd8014a36de31bfecd4c rpc: update GetNetworksInfo() to not return unsupported networks (Jon Atack)
ba8997fb2eda73603ce457bfec668cb7e0acbc89 net: update GetNetworkName() with all enum Network cases (Jon Atack)
Pull request description:
Following up on the BIP155 addrv2 changes, and starting with 7be6ff6 in #19845, RPC getnetworkinfo began returning networks with empty names.
<details><summary><code>getnetworkinfo</code> on current master</summary><p>
```
"networks": [
{
"name": "ipv4",
"limited": false,
"reachable": true,
"proxy": "",
"proxy_randomize_credentials": false
},
{
"name": "ipv6",
"limited": false,
"reachable": true,
"proxy": "",
"proxy_randomize_credentials": false
},
{
"name": "onion",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:9050",
"proxy_randomize_credentials": true
},
{
"name": "",
"limited": false,
"reachable": true,
"proxy": "",
"proxy_randomize_credentials": false
},
{
"name": "",
"limited": false,
"reachable": true,
"proxy": "",
"proxy_randomize_credentials": false
}
],
```
</p></details>
<details><summary><code>getnetworkinfo</code> on this branch</summary><p>
```
"networks": [
{
"name": "ipv4",
"limited": false,
"reachable": true,
"proxy": "",
"proxy_randomize_credentials": false
},
{
"name": "ipv6",
"limited": false,
"reachable": true,
"proxy": "",
"proxy_randomize_credentials": false
},
{
"name": "onion",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:9050",
"proxy_randomize_credentials": true
}
],
```
</p></details>
This patch:
- updates `GetNetworkName()` to the current Network enum
- updates `getNetworksInfo()` to ignore as-yet unsupported networks
- adds regression tests
ACKs for top commit:
hebasto:
re-ACK 7b5bd3102e06f7ff34b5d0f1d45a005560f265a5
vasild:
ACK 7b5bd3102
Tree-SHA512: 8f12363eb430e6f45e59e3b1d69c2f2eb5ead254ce7a67547d116c3b70138d763157335a3c85b51f684a3b3b502c6aace4f6fa60ac3b988cf7a9475a7423c4d7
2020-11-09 17:03:37 +01:00
|
|
|
std::string GetNetworkName(enum Network net)
|
|
|
|
{
|
|
|
|
switch (net) {
|
2021-01-19 15:35:56 +01:00
|
|
|
case NET_UNROUTABLE: return "not_publicly_routable";
|
2014-07-30 15:32:36 +02:00
|
|
|
case NET_IPV4: return "ipv4";
|
|
|
|
case NET_IPV6: return "ipv6";
|
2020-04-16 07:21:49 +02:00
|
|
|
case NET_ONION: return "onion";
|
Merge #20120: net, rpc, test, bugfix: update GetNetworkName, GetNetworksInfo, regression tests
7b5bd3102e06f7ff34b5d0f1d45a005560f265a5 test: add getnetworkinfo network name regression tests (Jon Atack)
9a75e1e5697476058b56cd8014a36de31bfecd4c rpc: update GetNetworksInfo() to not return unsupported networks (Jon Atack)
ba8997fb2eda73603ce457bfec668cb7e0acbc89 net: update GetNetworkName() with all enum Network cases (Jon Atack)
Pull request description:
Following up on the BIP155 addrv2 changes, and starting with 7be6ff6 in #19845, RPC getnetworkinfo began returning networks with empty names.
<details><summary><code>getnetworkinfo</code> on current master</summary><p>
```
"networks": [
{
"name": "ipv4",
"limited": false,
"reachable": true,
"proxy": "",
"proxy_randomize_credentials": false
},
{
"name": "ipv6",
"limited": false,
"reachable": true,
"proxy": "",
"proxy_randomize_credentials": false
},
{
"name": "onion",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:9050",
"proxy_randomize_credentials": true
},
{
"name": "",
"limited": false,
"reachable": true,
"proxy": "",
"proxy_randomize_credentials": false
},
{
"name": "",
"limited": false,
"reachable": true,
"proxy": "",
"proxy_randomize_credentials": false
}
],
```
</p></details>
<details><summary><code>getnetworkinfo</code> on this branch</summary><p>
```
"networks": [
{
"name": "ipv4",
"limited": false,
"reachable": true,
"proxy": "",
"proxy_randomize_credentials": false
},
{
"name": "ipv6",
"limited": false,
"reachable": true,
"proxy": "",
"proxy_randomize_credentials": false
},
{
"name": "onion",
"limited": false,
"reachable": true,
"proxy": "127.0.0.1:9050",
"proxy_randomize_credentials": true
}
],
```
</p></details>
This patch:
- updates `GetNetworkName()` to the current Network enum
- updates `getNetworksInfo()` to ignore as-yet unsupported networks
- adds regression tests
ACKs for top commit:
hebasto:
re-ACK 7b5bd3102e06f7ff34b5d0f1d45a005560f265a5
vasild:
ACK 7b5bd3102
Tree-SHA512: 8f12363eb430e6f45e59e3b1d69c2f2eb5ead254ce7a67547d116c3b70138d763157335a3c85b51f684a3b3b502c6aace4f6fa60ac3b988cf7a9475a7423c4d7
2020-11-09 17:03:37 +01:00
|
|
|
case NET_I2P: return "i2p";
|
|
|
|
case NET_CJDNS: return "cjdns";
|
|
|
|
case NET_INTERNAL: return "internal";
|
|
|
|
case NET_MAX: assert(false);
|
|
|
|
} // no default case, so the compiler can warn about missing cases
|
|
|
|
|
|
|
|
assert(false);
|
2014-07-30 15:32:36 +02:00
|
|
|
}
|
|
|
|
|
2021-01-19 15:35:56 +01:00
|
|
|
std::vector<std::string> GetNetworkNames(bool append_unroutable)
|
|
|
|
{
|
|
|
|
std::vector<std::string> names;
|
|
|
|
for (int n = 0; n < NET_MAX; ++n) {
|
|
|
|
const enum Network network{static_cast<Network>(n)};
|
2024-05-27 11:24:31 +02:00
|
|
|
if (network == NET_UNROUTABLE || network == NET_INTERNAL) continue;
|
2021-01-19 15:35:56 +01:00
|
|
|
names.emplace_back(GetNetworkName(network));
|
|
|
|
}
|
|
|
|
if (append_unroutable) {
|
|
|
|
names.emplace_back(GetNetworkName(NET_UNROUTABLE));
|
|
|
|
}
|
|
|
|
return names;
|
|
|
|
}
|
|
|
|
|
2024-09-11 20:34:06 +02:00
|
|
|
static std::vector<CNetAddr> LookupIntern(const std::string& name, unsigned int nMaxSolutions, bool fAllowLookup, DNSLookupFn dns_lookup_function)
|
2012-01-03 23:33:31 +01:00
|
|
|
{
|
2024-09-11 20:34:06 +02:00
|
|
|
if (!ValidAsCString(name)) return {};
|
2012-04-29 02:11:56 +02:00
|
|
|
{
|
|
|
|
CNetAddr addr;
|
2019-07-15 21:21:10 +02:00
|
|
|
// From our perspective, onion addresses are not hostnames but rather
|
|
|
|
// direct encodings of CNetAddr much like IPv4 dotted-decimal notation
|
|
|
|
// or IPv6 colon-separated hextet notation. Since we can't use
|
|
|
|
// getaddrinfo to decode them and it wouldn't make sense to resolve
|
|
|
|
// them, we return a network address representing it instead. See
|
|
|
|
// CNetAddr::SetSpecial(const std::string&) for more details.
|
2024-09-11 20:34:06 +02:00
|
|
|
if (addr.SetSpecial(name)) return {addr};
|
2012-04-29 02:11:56 +02:00
|
|
|
}
|
|
|
|
|
2024-09-11 20:34:06 +02:00
|
|
|
std::vector<CNetAddr> addresses;
|
|
|
|
|
2020-06-29 11:44:12 +02:00
|
|
|
for (const CNetAddr& resolved : dns_lookup_function(name, fAllowLookup)) {
|
2024-09-11 20:34:06 +02:00
|
|
|
if (nMaxSolutions > 0 && addresses.size() >= nMaxSolutions) {
|
2020-06-29 11:44:12 +02:00
|
|
|
break;
|
2017-06-24 12:16:41 +02:00
|
|
|
}
|
|
|
|
/* Never allow resolving to an internal address. Consider any such result invalid */
|
|
|
|
if (!resolved.IsInternal()) {
|
2024-09-11 20:34:06 +02:00
|
|
|
addresses.push_back(resolved);
|
2012-01-03 23:33:31 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2024-09-11 20:34:06 +02:00
|
|
|
return addresses;
|
2012-01-03 23:33:31 +01:00
|
|
|
}
|
|
|
|
|
2024-09-11 20:34:06 +02:00
|
|
|
std::vector<CNetAddr> LookupHost(const std::string& name, unsigned int nMaxSolutions, bool fAllowLookup, DNSLookupFn dns_lookup_function)
|
2012-01-03 23:33:31 +01:00
|
|
|
{
|
2024-09-11 20:34:06 +02:00
|
|
|
if (!ValidAsCString(name)) return {};
|
Merge #17754: net: Don't allow resolving of std::string with embedded NUL characters. Add tests.
7a046cdc1423963bdcbcf9bb98560af61fa90b37 tests: Avoid using C-style NUL-terminated strings as arguments (practicalswift)
fefb9165f23fe9d10ad092ec31715f906e0d2ee7 tests: Add tests to make sure lookup methods fail on std::string parameters with embedded NUL characters (practicalswift)
9574de86ad703ad942cdd0eca79f48c0d42b102b net: Avoid using C-style NUL-terminated strings as arguments in the netbase interface (practicalswift)
Pull request description:
Don't allow resolving of `std::string`:s with embedded `NUL` characters.
Avoid using C-style `NUL`-terminated strings as arguments in the `netbase` interface
Add tests.
The only place in where C-style `NUL`-terminated strings are actually needed is here:
```diff
+ if (!ValidAsCString(name)) {
+ return false;
+ }
...
- int nErr = getaddrinfo(pszName, nullptr, &aiHint, &aiRes);
+ int nErr = getaddrinfo(name.c_str(), nullptr, &aiHint, &aiRes);
if (nErr)
return false;
```
Interface changes:
```diff
-bool LookupHost(const char *pszName, std::vector<CNetAddr>& vIP, unsigned int nMaxSolutions, bool fAllowLookup);
+bool LookupHost(const std::string& name, std::vector<CNetAddr>& vIP, unsigned int nMaxSolutions, bool fAllowLookup);
-bool LookupHost(const char *pszName, CNetAddr& addr, bool fAllowLookup);
+bool LookupHost(const std::string& name, CNetAddr& addr, bool fAllowLookup);
-bool Lookup(const char *pszName, CService& addr, int portDefault, bool fAllowLookup);
+bool Lookup(const std::string& name, CService& addr, int portDefault, bool fAllowLookup);
-bool Lookup(const char *pszName, std::vector<CService>& vAddr, int portDefault, bool fAllowLookup, unsigned int nMaxSolutions);
+bool Lookup(const std::string& name, std::vector<CService>& vAddr, int portDefault, bool fAllowLookup, unsigned int nMaxSolutions);
-bool LookupSubNet(const char *pszName, CSubNet& subnet);
+bool LookupSubNet(const std::string& strSubnet, CSubNet& subnet);
-CService LookupNumeric(const char *pszName, int portDefault = 0);
+CService LookupNumeric(const std::string& name, int portDefault = 0);
-bool ConnectThroughProxy(const proxyType &proxy, const std::string& strDest, int port, const SOCKET& hSocketRet, int nTimeout, bool *outProxyConnectionFailed);
+bool ConnectThroughProxy(const proxyType &proxy, const std::string& strDest, int port, const SOCKET& hSocketRet, int nTimeout, bool& outProxyConnectionFailed);
```
It should be noted that the `ConnectThroughProxy` change (from `bool *outProxyConnectionFailed` to `bool& outProxyConnectionFailed`) has nothing to do with `NUL` handling but I thought it was worth doing when touching this file :)
ACKs for top commit:
EthanHeilman:
ACK 7a046cdc1423963bdcbcf9bb98560af61fa90b37
laanwj:
ACK 7a046cdc1423963bdcbcf9bb98560af61fa90b37
Tree-SHA512: 66556e290db996917b54091acd591df221f72230f6b9f6b167b9195ee870ebef6e26f4cda2f6f54d00e1c362e1743bf56785d0de7cae854e6bf7d26f6caccaba
2020-01-22 20:14:12 +01:00
|
|
|
std::string strHost = name;
|
2024-09-11 20:34:06 +02:00
|
|
|
if (strHost.empty()) return {};
|
2018-07-24 20:49:54 +02:00
|
|
|
if (strHost.front() == '[' && strHost.back() == ']') {
|
2013-04-27 14:27:05 +02:00
|
|
|
strHost = strHost.substr(1, strHost.size() - 2);
|
2012-01-03 23:33:31 +01:00
|
|
|
}
|
|
|
|
|
2024-09-11 20:34:06 +02:00
|
|
|
return LookupIntern(strHost, nMaxSolutions, fAllowLookup, dns_lookup_function);
|
2012-01-03 23:33:31 +01:00
|
|
|
}
|
|
|
|
|
2024-09-11 20:34:06 +02:00
|
|
|
std::optional<CNetAddr> LookupHost(const std::string& name, bool fAllowLookup, DNSLookupFn dns_lookup_function)
|
2017-09-03 15:29:10 +02:00
|
|
|
{
|
2024-09-11 20:34:06 +02:00
|
|
|
const std::vector<CNetAddr> addresses{LookupHost(name, 1, fAllowLookup, dns_lookup_function)};
|
|
|
|
return addresses.empty() ? std::nullopt : std::make_optional(addresses.front());
|
2017-09-03 15:29:10 +02:00
|
|
|
}
|
|
|
|
|
2024-09-11 20:34:06 +02:00
|
|
|
std::vector<CService> Lookup(const std::string& name, uint16_t portDefault, bool fAllowLookup, unsigned int nMaxSolutions, DNSLookupFn dns_lookup_function)
|
2012-01-03 23:33:31 +01:00
|
|
|
{
|
Merge #17754: net: Don't allow resolving of std::string with embedded NUL characters. Add tests.
7a046cdc1423963bdcbcf9bb98560af61fa90b37 tests: Avoid using C-style NUL-terminated strings as arguments (practicalswift)
fefb9165f23fe9d10ad092ec31715f906e0d2ee7 tests: Add tests to make sure lookup methods fail on std::string parameters with embedded NUL characters (practicalswift)
9574de86ad703ad942cdd0eca79f48c0d42b102b net: Avoid using C-style NUL-terminated strings as arguments in the netbase interface (practicalswift)
Pull request description:
Don't allow resolving of `std::string`:s with embedded `NUL` characters.
Avoid using C-style `NUL`-terminated strings as arguments in the `netbase` interface
Add tests.
The only place in where C-style `NUL`-terminated strings are actually needed is here:
```diff
+ if (!ValidAsCString(name)) {
+ return false;
+ }
...
- int nErr = getaddrinfo(pszName, nullptr, &aiHint, &aiRes);
+ int nErr = getaddrinfo(name.c_str(), nullptr, &aiHint, &aiRes);
if (nErr)
return false;
```
Interface changes:
```diff
-bool LookupHost(const char *pszName, std::vector<CNetAddr>& vIP, unsigned int nMaxSolutions, bool fAllowLookup);
+bool LookupHost(const std::string& name, std::vector<CNetAddr>& vIP, unsigned int nMaxSolutions, bool fAllowLookup);
-bool LookupHost(const char *pszName, CNetAddr& addr, bool fAllowLookup);
+bool LookupHost(const std::string& name, CNetAddr& addr, bool fAllowLookup);
-bool Lookup(const char *pszName, CService& addr, int portDefault, bool fAllowLookup);
+bool Lookup(const std::string& name, CService& addr, int portDefault, bool fAllowLookup);
-bool Lookup(const char *pszName, std::vector<CService>& vAddr, int portDefault, bool fAllowLookup, unsigned int nMaxSolutions);
+bool Lookup(const std::string& name, std::vector<CService>& vAddr, int portDefault, bool fAllowLookup, unsigned int nMaxSolutions);
-bool LookupSubNet(const char *pszName, CSubNet& subnet);
+bool LookupSubNet(const std::string& strSubnet, CSubNet& subnet);
-CService LookupNumeric(const char *pszName, int portDefault = 0);
+CService LookupNumeric(const std::string& name, int portDefault = 0);
-bool ConnectThroughProxy(const proxyType &proxy, const std::string& strDest, int port, const SOCKET& hSocketRet, int nTimeout, bool *outProxyConnectionFailed);
+bool ConnectThroughProxy(const proxyType &proxy, const std::string& strDest, int port, const SOCKET& hSocketRet, int nTimeout, bool& outProxyConnectionFailed);
```
It should be noted that the `ConnectThroughProxy` change (from `bool *outProxyConnectionFailed` to `bool& outProxyConnectionFailed`) has nothing to do with `NUL` handling but I thought it was worth doing when touching this file :)
ACKs for top commit:
EthanHeilman:
ACK 7a046cdc1423963bdcbcf9bb98560af61fa90b37
laanwj:
ACK 7a046cdc1423963bdcbcf9bb98560af61fa90b37
Tree-SHA512: 66556e290db996917b54091acd591df221f72230f6b9f6b167b9195ee870ebef6e26f4cda2f6f54d00e1c362e1743bf56785d0de7cae854e6bf7d26f6caccaba
2020-01-22 20:14:12 +01:00
|
|
|
if (name.empty() || !ValidAsCString(name)) {
|
2024-09-11 20:34:06 +02:00
|
|
|
return {};
|
Merge #17754: net: Don't allow resolving of std::string with embedded NUL characters. Add tests.
7a046cdc1423963bdcbcf9bb98560af61fa90b37 tests: Avoid using C-style NUL-terminated strings as arguments (practicalswift)
fefb9165f23fe9d10ad092ec31715f906e0d2ee7 tests: Add tests to make sure lookup methods fail on std::string parameters with embedded NUL characters (practicalswift)
9574de86ad703ad942cdd0eca79f48c0d42b102b net: Avoid using C-style NUL-terminated strings as arguments in the netbase interface (practicalswift)
Pull request description:
Don't allow resolving of `std::string`:s with embedded `NUL` characters.
Avoid using C-style `NUL`-terminated strings as arguments in the `netbase` interface
Add tests.
The only place in where C-style `NUL`-terminated strings are actually needed is here:
```diff
+ if (!ValidAsCString(name)) {
+ return false;
+ }
...
- int nErr = getaddrinfo(pszName, nullptr, &aiHint, &aiRes);
+ int nErr = getaddrinfo(name.c_str(), nullptr, &aiHint, &aiRes);
if (nErr)
return false;
```
Interface changes:
```diff
-bool LookupHost(const char *pszName, std::vector<CNetAddr>& vIP, unsigned int nMaxSolutions, bool fAllowLookup);
+bool LookupHost(const std::string& name, std::vector<CNetAddr>& vIP, unsigned int nMaxSolutions, bool fAllowLookup);
-bool LookupHost(const char *pszName, CNetAddr& addr, bool fAllowLookup);
+bool LookupHost(const std::string& name, CNetAddr& addr, bool fAllowLookup);
-bool Lookup(const char *pszName, CService& addr, int portDefault, bool fAllowLookup);
+bool Lookup(const std::string& name, CService& addr, int portDefault, bool fAllowLookup);
-bool Lookup(const char *pszName, std::vector<CService>& vAddr, int portDefault, bool fAllowLookup, unsigned int nMaxSolutions);
+bool Lookup(const std::string& name, std::vector<CService>& vAddr, int portDefault, bool fAllowLookup, unsigned int nMaxSolutions);
-bool LookupSubNet(const char *pszName, CSubNet& subnet);
+bool LookupSubNet(const std::string& strSubnet, CSubNet& subnet);
-CService LookupNumeric(const char *pszName, int portDefault = 0);
+CService LookupNumeric(const std::string& name, int portDefault = 0);
-bool ConnectThroughProxy(const proxyType &proxy, const std::string& strDest, int port, const SOCKET& hSocketRet, int nTimeout, bool *outProxyConnectionFailed);
+bool ConnectThroughProxy(const proxyType &proxy, const std::string& strDest, int port, const SOCKET& hSocketRet, int nTimeout, bool& outProxyConnectionFailed);
```
It should be noted that the `ConnectThroughProxy` change (from `bool *outProxyConnectionFailed` to `bool& outProxyConnectionFailed`) has nothing to do with `NUL` handling but I thought it was worth doing when touching this file :)
ACKs for top commit:
EthanHeilman:
ACK 7a046cdc1423963bdcbcf9bb98560af61fa90b37
laanwj:
ACK 7a046cdc1423963bdcbcf9bb98560af61fa90b37
Tree-SHA512: 66556e290db996917b54091acd591df221f72230f6b9f6b167b9195ee870ebef6e26f4cda2f6f54d00e1c362e1743bf56785d0de7cae854e6bf7d26f6caccaba
2020-01-22 20:14:12 +01:00
|
|
|
}
|
2021-03-01 21:35:28 +01:00
|
|
|
uint16_t port{portDefault};
|
2018-03-01 20:50:33 +01:00
|
|
|
std::string hostname;
|
Merge #17754: net: Don't allow resolving of std::string with embedded NUL characters. Add tests.
7a046cdc1423963bdcbcf9bb98560af61fa90b37 tests: Avoid using C-style NUL-terminated strings as arguments (practicalswift)
fefb9165f23fe9d10ad092ec31715f906e0d2ee7 tests: Add tests to make sure lookup methods fail on std::string parameters with embedded NUL characters (practicalswift)
9574de86ad703ad942cdd0eca79f48c0d42b102b net: Avoid using C-style NUL-terminated strings as arguments in the netbase interface (practicalswift)
Pull request description:
Don't allow resolving of `std::string`:s with embedded `NUL` characters.
Avoid using C-style `NUL`-terminated strings as arguments in the `netbase` interface
Add tests.
The only place in where C-style `NUL`-terminated strings are actually needed is here:
```diff
+ if (!ValidAsCString(name)) {
+ return false;
+ }
...
- int nErr = getaddrinfo(pszName, nullptr, &aiHint, &aiRes);
+ int nErr = getaddrinfo(name.c_str(), nullptr, &aiHint, &aiRes);
if (nErr)
return false;
```
Interface changes:
```diff
-bool LookupHost(const char *pszName, std::vector<CNetAddr>& vIP, unsigned int nMaxSolutions, bool fAllowLookup);
+bool LookupHost(const std::string& name, std::vector<CNetAddr>& vIP, unsigned int nMaxSolutions, bool fAllowLookup);
-bool LookupHost(const char *pszName, CNetAddr& addr, bool fAllowLookup);
+bool LookupHost(const std::string& name, CNetAddr& addr, bool fAllowLookup);
-bool Lookup(const char *pszName, CService& addr, int portDefault, bool fAllowLookup);
+bool Lookup(const std::string& name, CService& addr, int portDefault, bool fAllowLookup);
-bool Lookup(const char *pszName, std::vector<CService>& vAddr, int portDefault, bool fAllowLookup, unsigned int nMaxSolutions);
+bool Lookup(const std::string& name, std::vector<CService>& vAddr, int portDefault, bool fAllowLookup, unsigned int nMaxSolutions);
-bool LookupSubNet(const char *pszName, CSubNet& subnet);
+bool LookupSubNet(const std::string& strSubnet, CSubNet& subnet);
-CService LookupNumeric(const char *pszName, int portDefault = 0);
+CService LookupNumeric(const std::string& name, int portDefault = 0);
-bool ConnectThroughProxy(const proxyType &proxy, const std::string& strDest, int port, const SOCKET& hSocketRet, int nTimeout, bool *outProxyConnectionFailed);
+bool ConnectThroughProxy(const proxyType &proxy, const std::string& strDest, int port, const SOCKET& hSocketRet, int nTimeout, bool& outProxyConnectionFailed);
```
It should be noted that the `ConnectThroughProxy` change (from `bool *outProxyConnectionFailed` to `bool& outProxyConnectionFailed`) has nothing to do with `NUL` handling but I thought it was worth doing when touching this file :)
ACKs for top commit:
EthanHeilman:
ACK 7a046cdc1423963bdcbcf9bb98560af61fa90b37
laanwj:
ACK 7a046cdc1423963bdcbcf9bb98560af61fa90b37
Tree-SHA512: 66556e290db996917b54091acd591df221f72230f6b9f6b167b9195ee870ebef6e26f4cda2f6f54d00e1c362e1743bf56785d0de7cae854e6bf7d26f6caccaba
2020-01-22 20:14:12 +01:00
|
|
|
SplitHostPort(name, port, hostname);
|
2012-01-03 23:33:31 +01:00
|
|
|
|
2024-09-11 20:34:06 +02:00
|
|
|
const std::vector<CNetAddr> addresses{LookupIntern(hostname, nMaxSolutions, fAllowLookup, dns_lookup_function)};
|
|
|
|
if (addresses.empty()) return {};
|
|
|
|
std::vector<CService> services;
|
|
|
|
services.reserve(addresses.size());
|
|
|
|
for (const auto& addr : addresses)
|
|
|
|
services.emplace_back(addr, port);
|
|
|
|
return services;
|
2011-12-17 01:48:03 +01:00
|
|
|
}
|
|
|
|
|
2024-09-11 20:34:06 +02:00
|
|
|
std::optional<CService> Lookup(const std::string& name, uint16_t portDefault, bool fAllowLookup, DNSLookupFn dns_lookup_function)
|
2011-12-17 01:48:03 +01:00
|
|
|
{
|
2024-09-11 20:34:06 +02:00
|
|
|
const std::vector<CService> services{Lookup(name, portDefault, fAllowLookup, 1, dns_lookup_function)};
|
|
|
|
|
|
|
|
return services.empty() ? std::nullopt : std::make_optional(services.front());
|
2012-01-03 23:33:31 +01:00
|
|
|
}
|
|
|
|
|
2021-03-01 21:35:28 +01:00
|
|
|
CService LookupNumeric(const std::string& name, uint16_t portDefault, DNSLookupFn dns_lookup_function)
|
2012-01-03 23:33:31 +01:00
|
|
|
{
|
Merge #17754: net: Don't allow resolving of std::string with embedded NUL characters. Add tests.
7a046cdc1423963bdcbcf9bb98560af61fa90b37 tests: Avoid using C-style NUL-terminated strings as arguments (practicalswift)
fefb9165f23fe9d10ad092ec31715f906e0d2ee7 tests: Add tests to make sure lookup methods fail on std::string parameters with embedded NUL characters (practicalswift)
9574de86ad703ad942cdd0eca79f48c0d42b102b net: Avoid using C-style NUL-terminated strings as arguments in the netbase interface (practicalswift)
Pull request description:
Don't allow resolving of `std::string`:s with embedded `NUL` characters.
Avoid using C-style `NUL`-terminated strings as arguments in the `netbase` interface
Add tests.
The only place in where C-style `NUL`-terminated strings are actually needed is here:
```diff
+ if (!ValidAsCString(name)) {
+ return false;
+ }
...
- int nErr = getaddrinfo(pszName, nullptr, &aiHint, &aiRes);
+ int nErr = getaddrinfo(name.c_str(), nullptr, &aiHint, &aiRes);
if (nErr)
return false;
```
Interface changes:
```diff
-bool LookupHost(const char *pszName, std::vector<CNetAddr>& vIP, unsigned int nMaxSolutions, bool fAllowLookup);
+bool LookupHost(const std::string& name, std::vector<CNetAddr>& vIP, unsigned int nMaxSolutions, bool fAllowLookup);
-bool LookupHost(const char *pszName, CNetAddr& addr, bool fAllowLookup);
+bool LookupHost(const std::string& name, CNetAddr& addr, bool fAllowLookup);
-bool Lookup(const char *pszName, CService& addr, int portDefault, bool fAllowLookup);
+bool Lookup(const std::string& name, CService& addr, int portDefault, bool fAllowLookup);
-bool Lookup(const char *pszName, std::vector<CService>& vAddr, int portDefault, bool fAllowLookup, unsigned int nMaxSolutions);
+bool Lookup(const std::string& name, std::vector<CService>& vAddr, int portDefault, bool fAllowLookup, unsigned int nMaxSolutions);
-bool LookupSubNet(const char *pszName, CSubNet& subnet);
+bool LookupSubNet(const std::string& strSubnet, CSubNet& subnet);
-CService LookupNumeric(const char *pszName, int portDefault = 0);
+CService LookupNumeric(const std::string& name, int portDefault = 0);
-bool ConnectThroughProxy(const proxyType &proxy, const std::string& strDest, int port, const SOCKET& hSocketRet, int nTimeout, bool *outProxyConnectionFailed);
+bool ConnectThroughProxy(const proxyType &proxy, const std::string& strDest, int port, const SOCKET& hSocketRet, int nTimeout, bool& outProxyConnectionFailed);
```
It should be noted that the `ConnectThroughProxy` change (from `bool *outProxyConnectionFailed` to `bool& outProxyConnectionFailed`) has nothing to do with `NUL` handling but I thought it was worth doing when touching this file :)
ACKs for top commit:
EthanHeilman:
ACK 7a046cdc1423963bdcbcf9bb98560af61fa90b37
laanwj:
ACK 7a046cdc1423963bdcbcf9bb98560af61fa90b37
Tree-SHA512: 66556e290db996917b54091acd591df221f72230f6b9f6b167b9195ee870ebef6e26f4cda2f6f54d00e1c362e1743bf56785d0de7cae854e6bf7d26f6caccaba
2020-01-22 20:14:12 +01:00
|
|
|
if (!ValidAsCString(name)) {
|
|
|
|
return {};
|
|
|
|
}
|
2017-09-03 15:29:10 +02:00
|
|
|
// "1.2:345" will fail to resolve the ip, but will still set the port.
|
|
|
|
// If the ip fails to resolve, re-init the result.
|
2024-09-11 20:34:06 +02:00
|
|
|
return Lookup(name, portDefault, /*fAllowLookup=*/false, dns_lookup_function).value_or(CService{});
|
2012-01-03 23:33:31 +01:00
|
|
|
}
|
|
|
|
|
2017-09-28 05:09:49 +02:00
|
|
|
/** SOCKS version */
|
|
|
|
enum SOCKSVersion: uint8_t {
|
|
|
|
SOCKS4 = 0x04,
|
|
|
|
SOCKS5 = 0x05
|
|
|
|
};
|
|
|
|
|
|
|
|
/** Values defined for METHOD in RFC1928 */
|
|
|
|
enum SOCKS5Method: uint8_t {
|
2018-10-01 03:13:42 +02:00
|
|
|
NOAUTH = 0x00, //!< No authentication required
|
|
|
|
GSSAPI = 0x01, //!< GSSAPI
|
|
|
|
USER_PASS = 0x02, //!< Username/password
|
|
|
|
NO_ACCEPTABLE = 0xff, //!< No acceptable methods
|
2017-09-28 05:09:49 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
/** Values defined for CMD in RFC1928 */
|
|
|
|
enum SOCKS5Command: uint8_t {
|
|
|
|
CONNECT = 0x01,
|
|
|
|
BIND = 0x02,
|
|
|
|
UDP_ASSOCIATE = 0x03
|
|
|
|
};
|
|
|
|
|
|
|
|
/** Values defined for REP in RFC1928 */
|
|
|
|
enum SOCKS5Reply: uint8_t {
|
2018-10-01 03:13:42 +02:00
|
|
|
SUCCEEDED = 0x00, //!< Succeeded
|
|
|
|
GENFAILURE = 0x01, //!< General failure
|
|
|
|
NOTALLOWED = 0x02, //!< Connection not allowed by ruleset
|
|
|
|
NETUNREACHABLE = 0x03, //!< Network unreachable
|
|
|
|
HOSTUNREACHABLE = 0x04, //!< Network unreachable
|
|
|
|
CONNREFUSED = 0x05, //!< Connection refused
|
|
|
|
TTLEXPIRED = 0x06, //!< TTL expired
|
|
|
|
CMDUNSUPPORTED = 0x07, //!< Command not supported
|
|
|
|
ATYPEUNSUPPORTED = 0x08, //!< Address type not supported
|
2017-09-28 05:09:49 +02:00
|
|
|
};
|
|
|
|
|
|
|
|
/** Values defined for ATYPE in RFC1928 */
|
|
|
|
enum SOCKS5Atyp: uint8_t {
|
|
|
|
IPV4 = 0x01,
|
|
|
|
DOMAINNAME = 0x03,
|
|
|
|
IPV6 = 0x04,
|
|
|
|
};
|
|
|
|
|
|
|
|
/** Status codes that can be returned by InterruptibleRecv */
|
2019-01-03 10:18:47 +01:00
|
|
|
enum class IntrRecvError {
|
|
|
|
OK,
|
|
|
|
Timeout,
|
|
|
|
Disconnected,
|
|
|
|
NetworkError,
|
|
|
|
Interrupted
|
|
|
|
};
|
|
|
|
|
2014-09-08 13:49:56 +02:00
|
|
|
/**
|
2019-07-15 21:21:10 +02:00
|
|
|
* Try to read a specified number of bytes from a socket. Please read the "see
|
|
|
|
* also" section for more detail.
|
2014-09-08 13:49:56 +02:00
|
|
|
*
|
2019-07-15 21:21:10 +02:00
|
|
|
* @param data The buffer where the read bytes should be stored.
|
|
|
|
* @param len The number of bytes to read into the specified buffer.
|
|
|
|
* @param timeout The total timeout in milliseconds for this read.
|
2022-10-26 13:25:11 +02:00
|
|
|
* @param sock The socket (has to be in non-blocking mode) from which to read bytes.
|
2014-09-08 13:49:56 +02:00
|
|
|
*
|
2019-07-15 21:21:10 +02:00
|
|
|
* @returns An IntrRecvError indicating the resulting status of this read.
|
|
|
|
* IntrRecvError::OK only if all of the specified number of bytes were
|
|
|
|
* read.
|
|
|
|
*
|
|
|
|
* @see This function can be interrupted by calling InterruptSocks5(bool).
|
|
|
|
* Sockets can be made non-blocking with SetSocketNonBlocking(const
|
2022-04-14 10:05:00 +02:00
|
|
|
* SOCKET&).
|
2014-09-08 13:49:56 +02:00
|
|
|
*/
|
2022-10-26 13:25:11 +02:00
|
|
|
static IntrRecvError InterruptibleRecv(uint8_t* data, size_t len, int timeout, const Sock& sock)
|
2014-09-08 13:49:56 +02:00
|
|
|
{
|
|
|
|
int64_t curTime = GetTimeMillis();
|
|
|
|
int64_t endTime = curTime + timeout;
|
|
|
|
while (len > 0 && curTime < endTime) {
|
2022-10-26 13:25:11 +02:00
|
|
|
ssize_t ret = sock.Recv(data, len, 0); // Optimistically try the recv first
|
2014-09-08 13:49:56 +02:00
|
|
|
if (ret > 0) {
|
|
|
|
len -= ret;
|
|
|
|
data += ret;
|
|
|
|
} else if (ret == 0) { // Unexpected disconnection
|
2019-01-03 10:18:47 +01:00
|
|
|
return IntrRecvError::Disconnected;
|
2014-09-08 13:49:56 +02:00
|
|
|
} else { // Other error or blocking
|
|
|
|
int nErr = WSAGetLastError();
|
|
|
|
if (nErr == WSAEINPROGRESS || nErr == WSAEWOULDBLOCK || nErr == WSAEINVAL) {
|
2020-11-18 17:13:27 +01:00
|
|
|
// Only wait at most MAX_WAIT_FOR_IO at a time, unless
|
2019-07-15 21:21:10 +02:00
|
|
|
// we're approaching the end of the specified total timeout
|
2020-11-18 17:13:27 +01:00
|
|
|
const auto remaining = std::chrono::milliseconds{endTime - curTime};
|
|
|
|
const auto timeout = std::min(remaining, std::chrono::milliseconds{MAX_WAIT_FOR_IO});
|
|
|
|
if (!sock.Wait(timeout, Sock::RECV)) {
|
2019-01-03 10:18:47 +01:00
|
|
|
return IntrRecvError::NetworkError;
|
2014-09-08 13:49:56 +02:00
|
|
|
}
|
|
|
|
} else {
|
2019-01-03 10:18:47 +01:00
|
|
|
return IntrRecvError::NetworkError;
|
2014-09-08 13:49:56 +02:00
|
|
|
}
|
|
|
|
}
|
2017-08-09 18:06:31 +02:00
|
|
|
if (interruptSocks5Recv)
|
2019-01-03 10:18:47 +01:00
|
|
|
return IntrRecvError::Interrupted;
|
2014-09-08 13:49:56 +02:00
|
|
|
curTime = GetTimeMillis();
|
2012-04-01 20:25:48 +02:00
|
|
|
}
|
2019-01-03 10:18:47 +01:00
|
|
|
return len == 0 ? IntrRecvError::OK : IntrRecvError::Timeout;
|
2012-04-01 20:25:48 +02:00
|
|
|
}
|
|
|
|
|
2017-10-18 17:01:17 +02:00
|
|
|
/** Convert SOCKS5 reply to an error message */
|
2018-05-04 22:42:39 +02:00
|
|
|
static std::string Socks5ErrorString(uint8_t err)
|
2016-05-19 08:45:27 +02:00
|
|
|
{
|
|
|
|
switch(err) {
|
2017-09-28 05:09:49 +02:00
|
|
|
case SOCKS5Reply::GENFAILURE:
|
|
|
|
return "general failure";
|
|
|
|
case SOCKS5Reply::NOTALLOWED:
|
|
|
|
return "connection not allowed";
|
|
|
|
case SOCKS5Reply::NETUNREACHABLE:
|
|
|
|
return "network unreachable";
|
|
|
|
case SOCKS5Reply::HOSTUNREACHABLE:
|
|
|
|
return "host unreachable";
|
|
|
|
case SOCKS5Reply::CONNREFUSED:
|
|
|
|
return "connection refused";
|
|
|
|
case SOCKS5Reply::TTLEXPIRED:
|
|
|
|
return "TTL expired";
|
|
|
|
case SOCKS5Reply::CMDUNSUPPORTED:
|
|
|
|
return "protocol error";
|
|
|
|
case SOCKS5Reply::ATYPEUNSUPPORTED:
|
|
|
|
return "address type not supported";
|
|
|
|
default:
|
|
|
|
return "unknown";
|
2016-05-19 08:45:27 +02:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-03-01 21:35:28 +01:00
|
|
|
bool Socks5(const std::string& strDest, uint16_t port, const ProxyCredentials* auth, const Sock& sock)
|
2012-04-01 20:25:48 +02:00
|
|
|
{
|
2019-01-03 10:18:47 +01:00
|
|
|
IntrRecvError recvr;
|
2019-05-22 23:51:39 +02:00
|
|
|
LogPrint(BCLog::NET, "SOCKS5 connecting %s\n", strDest);
|
2015-03-16 16:30:49 +01:00
|
|
|
if (strDest.size() > 255) {
|
2012-04-19 17:02:21 +02:00
|
|
|
return error("Hostname too long");
|
|
|
|
}
|
2019-07-15 21:21:10 +02:00
|
|
|
// Construct the version identifier/method selection message
|
2015-03-16 16:30:49 +01:00
|
|
|
std::vector<uint8_t> vSocks5Init;
|
2019-07-15 21:21:10 +02:00
|
|
|
vSocks5Init.push_back(SOCKSVersion::SOCKS5); // We want the SOCK5 protocol
|
2015-03-16 16:30:49 +01:00
|
|
|
if (auth) {
|
2019-07-15 21:21:10 +02:00
|
|
|
vSocks5Init.push_back(0x02); // 2 method identifiers follow...
|
2017-09-28 05:09:49 +02:00
|
|
|
vSocks5Init.push_back(SOCKS5Method::NOAUTH);
|
|
|
|
vSocks5Init.push_back(SOCKS5Method::USER_PASS);
|
2015-03-16 16:30:49 +01:00
|
|
|
} else {
|
2019-07-15 21:21:10 +02:00
|
|
|
vSocks5Init.push_back(0x01); // 1 method identifier follows...
|
2017-09-28 05:09:49 +02:00
|
|
|
vSocks5Init.push_back(SOCKS5Method::NOAUTH);
|
2015-03-16 16:30:49 +01:00
|
|
|
}
|
2022-10-26 13:25:11 +02:00
|
|
|
ssize_t ret = sock.Send(vSocks5Init.data(), vSocks5Init.size(), MSG_NOSIGNAL);
|
2015-03-16 16:30:49 +01:00
|
|
|
if (ret != (ssize_t)vSocks5Init.size()) {
|
2012-04-01 20:25:48 +02:00
|
|
|
return error("Error sending to proxy");
|
|
|
|
}
|
2017-09-28 05:09:49 +02:00
|
|
|
uint8_t pchRet1[2];
|
2020-06-07 18:59:46 +02:00
|
|
|
if ((recvr = InterruptibleRecv(pchRet1, 2, g_socks5_recv_timeout, sock)) != IntrRecvError::OK) {
|
2016-05-19 08:45:27 +02:00
|
|
|
LogPrintf("Socks5() connect to %s:%d failed: InterruptibleRecv() timeout or other failure\n", strDest, port);
|
|
|
|
return false;
|
2012-04-01 20:25:48 +02:00
|
|
|
}
|
2017-09-28 05:09:49 +02:00
|
|
|
if (pchRet1[0] != SOCKSVersion::SOCKS5) {
|
2012-04-01 20:25:48 +02:00
|
|
|
return error("Proxy failed to initialize");
|
|
|
|
}
|
2017-09-28 05:09:49 +02:00
|
|
|
if (pchRet1[1] == SOCKS5Method::USER_PASS && auth) {
|
2015-03-16 16:30:49 +01:00
|
|
|
// Perform username/password authentication (as described in RFC1929)
|
|
|
|
std::vector<uint8_t> vAuth;
|
2017-09-28 05:09:49 +02:00
|
|
|
vAuth.push_back(0x01); // Current (and only) version of user/pass subnegotiation
|
2015-03-16 16:30:49 +01:00
|
|
|
if (auth->username.size() > 255 || auth->password.size() > 255)
|
|
|
|
return error("Proxy username or password too long");
|
|
|
|
vAuth.push_back(auth->username.size());
|
|
|
|
vAuth.insert(vAuth.end(), auth->username.begin(), auth->username.end());
|
|
|
|
vAuth.push_back(auth->password.size());
|
|
|
|
vAuth.insert(vAuth.end(), auth->password.begin(), auth->password.end());
|
2022-10-26 13:25:11 +02:00
|
|
|
ret = sock.Send(vAuth.data(), vAuth.size(), MSG_NOSIGNAL);
|
2015-03-16 16:30:49 +01:00
|
|
|
if (ret != (ssize_t)vAuth.size()) {
|
|
|
|
return error("Error sending authentication to proxy");
|
|
|
|
}
|
2019-05-22 23:51:39 +02:00
|
|
|
LogPrint(BCLog::PROXY, "SOCKS5 sending proxy authentication %s:%s\n", auth->username, auth->password);
|
2017-09-28 05:09:49 +02:00
|
|
|
uint8_t pchRetA[2];
|
2020-06-07 18:59:46 +02:00
|
|
|
if ((recvr = InterruptibleRecv(pchRetA, 2, g_socks5_recv_timeout, sock)) != IntrRecvError::OK) {
|
2015-03-16 16:30:49 +01:00
|
|
|
return error("Error reading proxy authentication response");
|
|
|
|
}
|
|
|
|
if (pchRetA[0] != 0x01 || pchRetA[1] != 0x00) {
|
2015-08-09 01:17:27 +02:00
|
|
|
return error("Proxy authentication unsuccessful");
|
2015-03-16 16:30:49 +01:00
|
|
|
}
|
2017-09-28 05:09:49 +02:00
|
|
|
} else if (pchRet1[1] == SOCKS5Method::NOAUTH) {
|
2015-03-16 16:30:49 +01:00
|
|
|
// Perform no authentication
|
|
|
|
} else {
|
|
|
|
return error("Proxy requested wrong authentication method %02x", pchRet1[1]);
|
|
|
|
}
|
|
|
|
std::vector<uint8_t> vSocks5;
|
2017-09-28 05:09:49 +02:00
|
|
|
vSocks5.push_back(SOCKSVersion::SOCKS5); // VER protocol version
|
|
|
|
vSocks5.push_back(SOCKS5Command::CONNECT); // CMD CONNECT
|
|
|
|
vSocks5.push_back(0x00); // RSV Reserved must be 0
|
|
|
|
vSocks5.push_back(SOCKS5Atyp::DOMAINNAME); // ATYP DOMAINNAME
|
2015-03-16 16:30:49 +01:00
|
|
|
vSocks5.push_back(strDest.size()); // Length<=255 is checked at beginning of function
|
|
|
|
vSocks5.insert(vSocks5.end(), strDest.begin(), strDest.end());
|
|
|
|
vSocks5.push_back((port >> 8) & 0xFF);
|
|
|
|
vSocks5.push_back((port >> 0) & 0xFF);
|
2022-10-26 13:25:11 +02:00
|
|
|
ret = sock.Send(vSocks5.data(), vSocks5.size(), MSG_NOSIGNAL);
|
2015-03-16 16:30:49 +01:00
|
|
|
if (ret != (ssize_t)vSocks5.size()) {
|
2012-04-01 20:25:48 +02:00
|
|
|
return error("Error sending to proxy");
|
|
|
|
}
|
2017-09-28 05:09:49 +02:00
|
|
|
uint8_t pchRet2[4];
|
2020-06-07 18:59:46 +02:00
|
|
|
if ((recvr = InterruptibleRecv(pchRet2, 4, g_socks5_recv_timeout, sock)) != IntrRecvError::OK) {
|
2019-01-03 10:18:47 +01:00
|
|
|
if (recvr == IntrRecvError::Timeout) {
|
|
|
|
/* If a timeout happens here, this effectively means we timed out while connecting
|
|
|
|
* to the remote node. This is very common for Tor, so do not print an
|
|
|
|
* error message. */
|
|
|
|
return false;
|
|
|
|
} else {
|
|
|
|
return error("Error while reading proxy response");
|
|
|
|
}
|
2012-04-01 20:25:48 +02:00
|
|
|
}
|
2017-09-28 05:09:49 +02:00
|
|
|
if (pchRet2[0] != SOCKSVersion::SOCKS5) {
|
2012-04-01 20:25:48 +02:00
|
|
|
return error("Proxy failed to accept request");
|
|
|
|
}
|
2017-09-28 05:09:49 +02:00
|
|
|
if (pchRet2[1] != SOCKS5Reply::SUCCEEDED) {
|
2016-05-19 08:45:27 +02:00
|
|
|
// Failures to connect to a peer that are not proxy errors
|
|
|
|
LogPrintf("Socks5() connect to %s:%d failed: %s\n", strDest, port, Socks5ErrorString(pchRet2[1]));
|
|
|
|
return false;
|
2012-04-01 20:25:48 +02:00
|
|
|
}
|
2017-09-28 05:09:49 +02:00
|
|
|
if (pchRet2[2] != 0x00) { // Reserved field must be 0
|
2012-04-01 20:25:48 +02:00
|
|
|
return error("Error: malformed proxy response");
|
|
|
|
}
|
2017-09-28 05:09:49 +02:00
|
|
|
uint8_t pchRet3[256];
|
2012-04-01 20:25:48 +02:00
|
|
|
switch (pchRet2[3])
|
|
|
|
{
|
2020-06-07 18:59:46 +02:00
|
|
|
case SOCKS5Atyp::IPV4: recvr = InterruptibleRecv(pchRet3, 4, g_socks5_recv_timeout, sock); break;
|
|
|
|
case SOCKS5Atyp::IPV6: recvr = InterruptibleRecv(pchRet3, 16, g_socks5_recv_timeout, sock); break;
|
2017-09-28 05:09:49 +02:00
|
|
|
case SOCKS5Atyp::DOMAINNAME:
|
2012-04-01 20:25:48 +02:00
|
|
|
{
|
2020-06-07 18:59:46 +02:00
|
|
|
recvr = InterruptibleRecv(pchRet3, 1, g_socks5_recv_timeout, sock);
|
2019-01-03 10:18:47 +01:00
|
|
|
if (recvr != IntrRecvError::OK) {
|
2012-04-01 20:25:48 +02:00
|
|
|
return error("Error reading from proxy");
|
2014-04-10 02:09:17 +02:00
|
|
|
}
|
2012-04-01 20:25:48 +02:00
|
|
|
int nRecv = pchRet3[0];
|
2020-06-07 18:59:46 +02:00
|
|
|
recvr = InterruptibleRecv(pchRet3, nRecv, g_socks5_recv_timeout, sock);
|
2012-04-01 20:25:48 +02:00
|
|
|
break;
|
|
|
|
}
|
2017-12-13 05:09:57 +01:00
|
|
|
default: return error("Error: malformed proxy response");
|
2012-04-01 20:25:48 +02:00
|
|
|
}
|
2019-01-03 10:18:47 +01:00
|
|
|
if (recvr != IntrRecvError::OK) {
|
2012-04-01 20:25:48 +02:00
|
|
|
return error("Error reading from proxy");
|
|
|
|
}
|
2020-06-07 18:59:46 +02:00
|
|
|
if ((recvr = InterruptibleRecv(pchRet3, 2, g_socks5_recv_timeout, sock)) != IntrRecvError::OK) {
|
2012-04-01 20:25:48 +02:00
|
|
|
return error("Error reading from proxy");
|
|
|
|
}
|
2019-05-22 23:51:39 +02:00
|
|
|
LogPrint(BCLog::NET, "SOCKS5 connected %s\n", strDest);
|
2012-04-01 20:25:48 +02:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2022-10-26 13:25:11 +02:00
|
|
|
std::unique_ptr<Sock> CreateSockTCP(const CService& address_family)
|
2012-01-03 23:33:31 +01:00
|
|
|
{
|
2019-07-15 21:21:10 +02:00
|
|
|
// Create a sockaddr from the specified service.
|
2012-05-11 15:28:59 +02:00
|
|
|
struct sockaddr_storage sockaddr;
|
|
|
|
socklen_t len = sizeof(sockaddr);
|
2022-10-26 13:25:11 +02:00
|
|
|
if (!address_family.GetSockAddr((struct sockaddr*)&sockaddr, &len)) {
|
2024-09-07 00:10:55 +02:00
|
|
|
LogPrintf("Cannot create socket for %s: unsupported network\n", address_family.ToStringAddrPort());
|
2022-10-26 13:25:11 +02:00
|
|
|
return nullptr;
|
2012-03-31 17:58:25 +02:00
|
|
|
}
|
|
|
|
|
2019-07-15 21:21:10 +02:00
|
|
|
// Create a TCP socket in the address family of the specified service.
|
2012-05-11 15:28:59 +02:00
|
|
|
SOCKET hSocket = socket(((struct sockaddr*)&sockaddr)->sa_family, SOCK_STREAM, IPPROTO_TCP);
|
2022-10-26 13:25:11 +02:00
|
|
|
if (hSocket == INVALID_SOCKET) {
|
|
|
|
return nullptr;
|
|
|
|
}
|
2017-12-13 05:09:57 +01:00
|
|
|
|
2024-04-29 13:48:02 +02:00
|
|
|
auto sock = std::make_unique<Sock>(hSocket);
|
|
|
|
|
2019-07-15 21:21:10 +02:00
|
|
|
// Ensure that waiting for I/O on this socket won't result in undefined
|
|
|
|
// behavior.
|
2024-04-29 13:48:02 +02:00
|
|
|
if (!IsSelectableSocket(sock->Get())) {
|
2017-12-13 05:09:57 +01:00
|
|
|
LogPrintf("Cannot create connection: non-selectable socket created (fd >= FD_SETSIZE ?)\n");
|
2022-10-26 13:25:11 +02:00
|
|
|
return nullptr;
|
2017-12-13 05:09:57 +01:00
|
|
|
}
|
2014-07-09 11:00:00 +02:00
|
|
|
|
2015-10-22 01:52:29 +02:00
|
|
|
#ifdef SO_NOSIGPIPE
|
2017-05-18 02:26:54 +02:00
|
|
|
int set = 1;
|
2019-07-15 21:21:10 +02:00
|
|
|
// Set the no-sigpipe option on the socket for BSD systems, other UNIXes
|
|
|
|
// should use the MSG_NOSIGNAL flag for every send.
|
2024-04-29 13:48:02 +02:00
|
|
|
if (sock->SetSockOpt(SOL_SOCKET, SO_NOSIGPIPE, (void*)&set, sizeof(int)) == SOCKET_ERROR) {
|
|
|
|
LogPrintf("Error setting SO_NOSIGPIPE on socket: %s, continuing anyway\n",
|
|
|
|
NetworkErrorString(WSAGetLastError()));
|
|
|
|
}
|
2012-01-03 23:33:31 +01:00
|
|
|
#endif
|
|
|
|
|
2019-07-15 21:21:10 +02:00
|
|
|
// Set the no-delay option (disable Nagle's algorithm) on the TCP socket.
|
2024-04-29 13:48:02 +02:00
|
|
|
const int on{1};
|
|
|
|
if (sock->SetSockOpt(IPPROTO_TCP, TCP_NODELAY, &on, sizeof(on)) == SOCKET_ERROR) {
|
|
|
|
LogPrint(BCLog::NET, "Unable to set TCP_NODELAY on a newly created socket, continuing anyway\n");
|
|
|
|
}
|
2015-10-22 01:52:29 +02:00
|
|
|
|
2019-07-15 21:21:10 +02:00
|
|
|
// Set the non-blocking option on the socket.
|
2024-04-29 13:48:02 +02:00
|
|
|
if (!SetSocketNonBlocking(sock->Get())) {
|
2022-10-26 13:25:11 +02:00
|
|
|
LogPrintf("Error setting socket to non-blocking: %s\n", NetworkErrorString(WSAGetLastError()));
|
|
|
|
return nullptr;
|
2017-07-24 14:58:25 +02:00
|
|
|
}
|
2024-04-29 13:48:02 +02:00
|
|
|
return sock;
|
2017-12-13 05:09:57 +01:00
|
|
|
}
|
2012-01-03 23:33:31 +01:00
|
|
|
|
2022-10-26 13:25:11 +02:00
|
|
|
std::function<std::unique_ptr<Sock>(const CService&)> CreateSock = CreateSockTCP;
|
|
|
|
|
2018-04-13 19:15:35 +02:00
|
|
|
template<typename... Args>
|
|
|
|
static void LogConnectFailure(bool manual_connection, const char* fmt, const Args&... args) {
|
|
|
|
std::string error_message = tfm::format(fmt, args...);
|
|
|
|
if (manual_connection) {
|
|
|
|
LogPrintf("%s\n", error_message);
|
|
|
|
} else {
|
|
|
|
LogPrint(BCLog::NET, "%s\n", error_message);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-07-14 17:11:45 +02:00
|
|
|
bool ConnectSocketDirectly(const CService &addrConnect, const Sock& sock, int nTimeout, bool manual_connection)
|
2017-12-13 05:09:57 +01:00
|
|
|
{
|
2019-07-15 21:21:10 +02:00
|
|
|
// Create a sockaddr from the specified service.
|
2017-12-13 05:09:57 +01:00
|
|
|
struct sockaddr_storage sockaddr;
|
|
|
|
socklen_t len = sizeof(sockaddr);
|
2023-07-14 17:11:45 +02:00
|
|
|
if (sock.Get() == INVALID_SOCKET) {
|
2024-09-07 00:10:55 +02:00
|
|
|
LogPrintf("Cannot connect to %s: invalid socket\n", addrConnect.ToStringAddrPort());
|
2017-12-13 05:09:57 +01:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
if (!addrConnect.GetSockAddr((struct sockaddr*)&sockaddr, &len)) {
|
2024-09-07 00:10:55 +02:00
|
|
|
LogPrintf("Cannot connect to %s: unsupported network\n", addrConnect.ToStringAddrPort());
|
2017-12-13 05:09:57 +01:00
|
|
|
return false;
|
|
|
|
}
|
2019-07-15 21:21:10 +02:00
|
|
|
|
|
|
|
// Connect to the addrConnect service on the hSocket socket.
|
2023-07-14 17:11:45 +02:00
|
|
|
if (sock.Connect(reinterpret_cast<struct sockaddr*>(&sockaddr), len) == SOCKET_ERROR) {
|
2014-06-22 20:17:15 +02:00
|
|
|
int nErr = WSAGetLastError();
|
2012-01-03 23:33:31 +01:00
|
|
|
// WSAEINVAL is here because some legacy version of winsock uses it
|
2014-06-22 20:17:15 +02:00
|
|
|
if (nErr == WSAEINPROGRESS || nErr == WSAEWOULDBLOCK || nErr == WSAEINVAL)
|
2012-01-03 23:33:31 +01:00
|
|
|
{
|
2019-07-15 21:21:10 +02:00
|
|
|
// Connection didn't actually fail, but is being established
|
|
|
|
// asynchronously. Thus, use async I/O api (select/poll)
|
|
|
|
// synchronously to check for successful connection with a timeout.
|
2023-07-14 17:11:45 +02:00
|
|
|
const Sock::Event requested = Sock::RECV | Sock::SEND;
|
|
|
|
Sock::Event occurred;
|
|
|
|
if (!sock.Wait(std::chrono::milliseconds{nTimeout}, requested, &occurred)) {
|
|
|
|
LogPrintf("wait for connect to %s failed: %s\n",
|
2024-09-07 00:10:55 +02:00
|
|
|
addrConnect.ToStringAddrPort(),
|
2023-07-14 17:11:45 +02:00
|
|
|
NetworkErrorString(WSAGetLastError()));
|
2012-01-03 23:33:31 +01:00
|
|
|
return false;
|
2023-07-14 17:11:45 +02:00
|
|
|
} else if (occurred == 0) {
|
2024-09-07 00:10:55 +02:00
|
|
|
LogPrint(BCLog::NET, "connection attempt to %s timed out\n", addrConnect.ToStringAddrPort());
|
2012-01-03 23:33:31 +01:00
|
|
|
return false;
|
|
|
|
}
|
2019-07-15 21:21:10 +02:00
|
|
|
|
2023-07-14 17:11:45 +02:00
|
|
|
// Even if the wait was successful, the connect might not
|
2019-07-15 21:21:10 +02:00
|
|
|
// have been successful. The reason for this failure is hidden away
|
|
|
|
// in the SO_ERROR for the socket in modern systems. We read it into
|
2023-07-14 17:11:45 +02:00
|
|
|
// sockerr here.
|
|
|
|
int sockerr;
|
|
|
|
socklen_t sockerr_len = sizeof(sockerr);
|
|
|
|
if (sock.GetSockOpt(SOL_SOCKET, SO_ERROR, (sockopt_arg_type)&sockerr, &sockerr_len) ==
|
|
|
|
SOCKET_ERROR) {
|
2024-09-07 00:10:55 +02:00
|
|
|
LogPrintf("getsockopt() for %s failed: %s\n", addrConnect.ToStringAddrPort(), NetworkErrorString(WSAGetLastError()));
|
2012-01-03 23:33:31 +01:00
|
|
|
return false;
|
|
|
|
}
|
2023-07-14 17:11:45 +02:00
|
|
|
if (sockerr != 0) {
|
|
|
|
LogConnectFailure(manual_connection,
|
|
|
|
"connect() to %s failed after wait: %s",
|
2024-09-07 00:10:55 +02:00
|
|
|
addrConnect.ToStringAddrPort(),
|
2023-07-14 17:11:45 +02:00
|
|
|
NetworkErrorString(sockerr));
|
2012-01-03 23:33:31 +01:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
#ifdef WIN32
|
|
|
|
else if (WSAGetLastError() != WSAEISCONN)
|
|
|
|
#else
|
|
|
|
else
|
|
|
|
#endif
|
|
|
|
{
|
2024-09-07 00:10:55 +02:00
|
|
|
LogConnectFailure(manual_connection, "connect() to %s failed: %s", addrConnect.ToStringAddrPort(), NetworkErrorString(WSAGetLastError()));
|
2012-01-03 23:33:31 +01:00
|
|
|
return false;
|
|
|
|
}
|
|
|
|
}
|
2012-04-19 17:02:21 +02:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2021-08-30 14:33:29 +02:00
|
|
|
bool SetProxy(enum Network net, const Proxy &addrProxy) {
|
2012-05-24 19:02:21 +02:00
|
|
|
assert(net >= 0 && net < NET_MAX);
|
2014-06-11 13:20:59 +02:00
|
|
|
if (!addrProxy.IsValid())
|
2012-05-24 19:02:21 +02:00
|
|
|
return false;
|
Merge #19190: refactor: Replace RecursiveMutex with Mutex in netbase.cpp
78c8f4fe11706cf5c165777c2ca122bd933b8b6a refactor: Replace RecursiveMutex with Mutex in netbase.cpp (Hennadii Stepanov)
Pull request description:
The functions that could lock this mutex, i.e., `{S,G}etProxy()`, `{S,G}etNameProxy()`, `HaveNameProxy()`, `IsProxy()`, do not call itself recursively, and do not call each other either directly or indirectly. Therefore, the `g_proxyinfo_mutex` could be a non-recursive mutex.
Related to #19180.
ACKs for top commit:
MarcoFalke:
ACK 78c8f4fe11706cf5c165777c2ca122bd933b8b6a , reviewed with the -W git option 👮
vasild:
ACK 78c8f4fe verified that recursion does not happen
Tree-SHA512: fc077fb371f38af5d05f1383c6bebf9926167c257892936fefd2d4fe6f679ca40124d25099e09f645d8ec266df222f96c5d0f9fd39eddcad15cbde0b427bc205
2020-06-08 13:00:59 +02:00
|
|
|
LOCK(g_proxyinfo_mutex);
|
2014-06-11 13:20:59 +02:00
|
|
|
proxyInfo[net] = addrProxy;
|
2012-05-24 19:02:21 +02:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2021-08-30 14:33:29 +02:00
|
|
|
bool GetProxy(enum Network net, Proxy &proxyInfoOut) {
|
2012-05-24 19:02:21 +02:00
|
|
|
assert(net >= 0 && net < NET_MAX);
|
Merge #19190: refactor: Replace RecursiveMutex with Mutex in netbase.cpp
78c8f4fe11706cf5c165777c2ca122bd933b8b6a refactor: Replace RecursiveMutex with Mutex in netbase.cpp (Hennadii Stepanov)
Pull request description:
The functions that could lock this mutex, i.e., `{S,G}etProxy()`, `{S,G}etNameProxy()`, `HaveNameProxy()`, `IsProxy()`, do not call itself recursively, and do not call each other either directly or indirectly. Therefore, the `g_proxyinfo_mutex` could be a non-recursive mutex.
Related to #19180.
ACKs for top commit:
MarcoFalke:
ACK 78c8f4fe11706cf5c165777c2ca122bd933b8b6a , reviewed with the -W git option 👮
vasild:
ACK 78c8f4fe verified that recursion does not happen
Tree-SHA512: fc077fb371f38af5d05f1383c6bebf9926167c257892936fefd2d4fe6f679ca40124d25099e09f645d8ec266df222f96c5d0f9fd39eddcad15cbde0b427bc205
2020-06-08 13:00:59 +02:00
|
|
|
LOCK(g_proxyinfo_mutex);
|
2014-06-11 13:20:59 +02:00
|
|
|
if (!proxyInfo[net].IsValid())
|
2012-05-24 19:02:21 +02:00
|
|
|
return false;
|
2012-09-23 12:55:05 +02:00
|
|
|
proxyInfoOut = proxyInfo[net];
|
2012-05-24 19:02:21 +02:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2021-08-30 14:33:29 +02:00
|
|
|
bool SetNameProxy(const Proxy &addrProxy) {
|
2014-06-11 13:20:59 +02:00
|
|
|
if (!addrProxy.IsValid())
|
2012-05-24 19:02:21 +02:00
|
|
|
return false;
|
Merge #19190: refactor: Replace RecursiveMutex with Mutex in netbase.cpp
78c8f4fe11706cf5c165777c2ca122bd933b8b6a refactor: Replace RecursiveMutex with Mutex in netbase.cpp (Hennadii Stepanov)
Pull request description:
The functions that could lock this mutex, i.e., `{S,G}etProxy()`, `{S,G}etNameProxy()`, `HaveNameProxy()`, `IsProxy()`, do not call itself recursively, and do not call each other either directly or indirectly. Therefore, the `g_proxyinfo_mutex` could be a non-recursive mutex.
Related to #19180.
ACKs for top commit:
MarcoFalke:
ACK 78c8f4fe11706cf5c165777c2ca122bd933b8b6a , reviewed with the -W git option 👮
vasild:
ACK 78c8f4fe verified that recursion does not happen
Tree-SHA512: fc077fb371f38af5d05f1383c6bebf9926167c257892936fefd2d4fe6f679ca40124d25099e09f645d8ec266df222f96c5d0f9fd39eddcad15cbde0b427bc205
2020-06-08 13:00:59 +02:00
|
|
|
LOCK(g_proxyinfo_mutex);
|
2014-06-11 13:20:59 +02:00
|
|
|
nameProxy = addrProxy;
|
2012-05-24 19:02:21 +02:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
2021-08-30 14:33:29 +02:00
|
|
|
bool GetNameProxy(Proxy &nameProxyOut) {
|
Merge #19190: refactor: Replace RecursiveMutex with Mutex in netbase.cpp
78c8f4fe11706cf5c165777c2ca122bd933b8b6a refactor: Replace RecursiveMutex with Mutex in netbase.cpp (Hennadii Stepanov)
Pull request description:
The functions that could lock this mutex, i.e., `{S,G}etProxy()`, `{S,G}etNameProxy()`, `HaveNameProxy()`, `IsProxy()`, do not call itself recursively, and do not call each other either directly or indirectly. Therefore, the `g_proxyinfo_mutex` could be a non-recursive mutex.
Related to #19180.
ACKs for top commit:
MarcoFalke:
ACK 78c8f4fe11706cf5c165777c2ca122bd933b8b6a , reviewed with the -W git option 👮
vasild:
ACK 78c8f4fe verified that recursion does not happen
Tree-SHA512: fc077fb371f38af5d05f1383c6bebf9926167c257892936fefd2d4fe6f679ca40124d25099e09f645d8ec266df222f96c5d0f9fd39eddcad15cbde0b427bc205
2020-06-08 13:00:59 +02:00
|
|
|
LOCK(g_proxyinfo_mutex);
|
2014-06-11 13:20:59 +02:00
|
|
|
if(!nameProxy.IsValid())
|
2012-09-23 12:55:05 +02:00
|
|
|
return false;
|
2014-06-11 13:20:59 +02:00
|
|
|
nameProxyOut = nameProxy;
|
2012-09-23 12:55:05 +02:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
bool HaveNameProxy() {
|
Merge #19190: refactor: Replace RecursiveMutex with Mutex in netbase.cpp
78c8f4fe11706cf5c165777c2ca122bd933b8b6a refactor: Replace RecursiveMutex with Mutex in netbase.cpp (Hennadii Stepanov)
Pull request description:
The functions that could lock this mutex, i.e., `{S,G}etProxy()`, `{S,G}etNameProxy()`, `HaveNameProxy()`, `IsProxy()`, do not call itself recursively, and do not call each other either directly or indirectly. Therefore, the `g_proxyinfo_mutex` could be a non-recursive mutex.
Related to #19180.
ACKs for top commit:
MarcoFalke:
ACK 78c8f4fe11706cf5c165777c2ca122bd933b8b6a , reviewed with the -W git option 👮
vasild:
ACK 78c8f4fe verified that recursion does not happen
Tree-SHA512: fc077fb371f38af5d05f1383c6bebf9926167c257892936fefd2d4fe6f679ca40124d25099e09f645d8ec266df222f96c5d0f9fd39eddcad15cbde0b427bc205
2020-06-08 13:00:59 +02:00
|
|
|
LOCK(g_proxyinfo_mutex);
|
2014-06-11 13:20:59 +02:00
|
|
|
return nameProxy.IsValid();
|
2012-05-24 19:02:21 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
bool IsProxy(const CNetAddr &addr) {
|
Merge #19190: refactor: Replace RecursiveMutex with Mutex in netbase.cpp
78c8f4fe11706cf5c165777c2ca122bd933b8b6a refactor: Replace RecursiveMutex with Mutex in netbase.cpp (Hennadii Stepanov)
Pull request description:
The functions that could lock this mutex, i.e., `{S,G}etProxy()`, `{S,G}etNameProxy()`, `HaveNameProxy()`, `IsProxy()`, do not call itself recursively, and do not call each other either directly or indirectly. Therefore, the `g_proxyinfo_mutex` could be a non-recursive mutex.
Related to #19180.
ACKs for top commit:
MarcoFalke:
ACK 78c8f4fe11706cf5c165777c2ca122bd933b8b6a , reviewed with the -W git option 👮
vasild:
ACK 78c8f4fe verified that recursion does not happen
Tree-SHA512: fc077fb371f38af5d05f1383c6bebf9926167c257892936fefd2d4fe6f679ca40124d25099e09f645d8ec266df222f96c5d0f9fd39eddcad15cbde0b427bc205
2020-06-08 13:00:59 +02:00
|
|
|
LOCK(g_proxyinfo_mutex);
|
2012-09-23 12:55:05 +02:00
|
|
|
for (int i = 0; i < NET_MAX; i++) {
|
2018-02-07 22:15:16 +01:00
|
|
|
if (addr == static_cast<CNetAddr>(proxyInfo[i].proxy))
|
2012-05-24 19:02:21 +02:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
2021-08-30 14:33:29 +02:00
|
|
|
bool ConnectThroughProxy(const Proxy& proxy, const std::string& strDest, uint16_t port, const Sock& sock, int nTimeout, bool& outProxyConnectionFailed)
|
2012-04-19 17:02:21 +02:00
|
|
|
{
|
2012-05-24 19:02:21 +02:00
|
|
|
// first connect to proxy server
|
2023-07-14 17:11:45 +02:00
|
|
|
if (!ConnectSocketDirectly(proxy.proxy, sock, nTimeout, true)) {
|
Merge #17754: net: Don't allow resolving of std::string with embedded NUL characters. Add tests.
7a046cdc1423963bdcbcf9bb98560af61fa90b37 tests: Avoid using C-style NUL-terminated strings as arguments (practicalswift)
fefb9165f23fe9d10ad092ec31715f906e0d2ee7 tests: Add tests to make sure lookup methods fail on std::string parameters with embedded NUL characters (practicalswift)
9574de86ad703ad942cdd0eca79f48c0d42b102b net: Avoid using C-style NUL-terminated strings as arguments in the netbase interface (practicalswift)
Pull request description:
Don't allow resolving of `std::string`:s with embedded `NUL` characters.
Avoid using C-style `NUL`-terminated strings as arguments in the `netbase` interface
Add tests.
The only place in where C-style `NUL`-terminated strings are actually needed is here:
```diff
+ if (!ValidAsCString(name)) {
+ return false;
+ }
...
- int nErr = getaddrinfo(pszName, nullptr, &aiHint, &aiRes);
+ int nErr = getaddrinfo(name.c_str(), nullptr, &aiHint, &aiRes);
if (nErr)
return false;
```
Interface changes:
```diff
-bool LookupHost(const char *pszName, std::vector<CNetAddr>& vIP, unsigned int nMaxSolutions, bool fAllowLookup);
+bool LookupHost(const std::string& name, std::vector<CNetAddr>& vIP, unsigned int nMaxSolutions, bool fAllowLookup);
-bool LookupHost(const char *pszName, CNetAddr& addr, bool fAllowLookup);
+bool LookupHost(const std::string& name, CNetAddr& addr, bool fAllowLookup);
-bool Lookup(const char *pszName, CService& addr, int portDefault, bool fAllowLookup);
+bool Lookup(const std::string& name, CService& addr, int portDefault, bool fAllowLookup);
-bool Lookup(const char *pszName, std::vector<CService>& vAddr, int portDefault, bool fAllowLookup, unsigned int nMaxSolutions);
+bool Lookup(const std::string& name, std::vector<CService>& vAddr, int portDefault, bool fAllowLookup, unsigned int nMaxSolutions);
-bool LookupSubNet(const char *pszName, CSubNet& subnet);
+bool LookupSubNet(const std::string& strSubnet, CSubNet& subnet);
-CService LookupNumeric(const char *pszName, int portDefault = 0);
+CService LookupNumeric(const std::string& name, int portDefault = 0);
-bool ConnectThroughProxy(const proxyType &proxy, const std::string& strDest, int port, const SOCKET& hSocketRet, int nTimeout, bool *outProxyConnectionFailed);
+bool ConnectThroughProxy(const proxyType &proxy, const std::string& strDest, int port, const SOCKET& hSocketRet, int nTimeout, bool& outProxyConnectionFailed);
```
It should be noted that the `ConnectThroughProxy` change (from `bool *outProxyConnectionFailed` to `bool& outProxyConnectionFailed`) has nothing to do with `NUL` handling but I thought it was worth doing when touching this file :)
ACKs for top commit:
EthanHeilman:
ACK 7a046cdc1423963bdcbcf9bb98560af61fa90b37
laanwj:
ACK 7a046cdc1423963bdcbcf9bb98560af61fa90b37
Tree-SHA512: 66556e290db996917b54091acd591df221f72230f6b9f6b167b9195ee870ebef6e26f4cda2f6f54d00e1c362e1743bf56785d0de7cae854e6bf7d26f6caccaba
2020-01-22 20:14:12 +01:00
|
|
|
outProxyConnectionFailed = true;
|
2012-05-24 19:02:21 +02:00
|
|
|
return false;
|
2014-12-02 17:43:42 +01:00
|
|
|
}
|
2012-05-24 19:02:21 +02:00
|
|
|
// do socks negotiation
|
2015-03-16 16:30:49 +01:00
|
|
|
if (proxy.randomize_credentials) {
|
|
|
|
ProxyCredentials random_auth;
|
2017-07-14 23:33:10 +02:00
|
|
|
static std::atomic_int counter(0);
|
2016-10-18 15:38:44 +02:00
|
|
|
random_auth.username = random_auth.password = strprintf("%i", counter++);
|
2021-03-01 21:35:28 +01:00
|
|
|
if (!Socks5(strDest, port, &random_auth, sock)) {
|
2015-03-16 16:30:49 +01:00
|
|
|
return false;
|
2017-12-13 05:09:57 +01:00
|
|
|
}
|
2015-03-16 16:30:49 +01:00
|
|
|
} else {
|
2021-03-01 21:35:28 +01:00
|
|
|
if (!Socks5(strDest, port, 0, sock)) {
|
2015-03-16 16:30:49 +01:00
|
|
|
return false;
|
2017-12-13 05:09:57 +01:00
|
|
|
}
|
2015-03-16 16:30:49 +01:00
|
|
|
}
|
2012-01-03 23:33:31 +01:00
|
|
|
return true;
|
|
|
|
}
|
2018-04-13 19:15:35 +02:00
|
|
|
|
2021-12-18 15:26:22 +01:00
|
|
|
bool LookupSubNet(const std::string& subnet_str, CSubNet& subnet_out)
|
2014-04-28 11:08:57 +02:00
|
|
|
{
|
2021-12-18 15:26:22 +01:00
|
|
|
if (!ValidAsCString(subnet_str)) {
|
Merge #17754: net: Don't allow resolving of std::string with embedded NUL characters. Add tests.
7a046cdc1423963bdcbcf9bb98560af61fa90b37 tests: Avoid using C-style NUL-terminated strings as arguments (practicalswift)
fefb9165f23fe9d10ad092ec31715f906e0d2ee7 tests: Add tests to make sure lookup methods fail on std::string parameters with embedded NUL characters (practicalswift)
9574de86ad703ad942cdd0eca79f48c0d42b102b net: Avoid using C-style NUL-terminated strings as arguments in the netbase interface (practicalswift)
Pull request description:
Don't allow resolving of `std::string`:s with embedded `NUL` characters.
Avoid using C-style `NUL`-terminated strings as arguments in the `netbase` interface
Add tests.
The only place in where C-style `NUL`-terminated strings are actually needed is here:
```diff
+ if (!ValidAsCString(name)) {
+ return false;
+ }
...
- int nErr = getaddrinfo(pszName, nullptr, &aiHint, &aiRes);
+ int nErr = getaddrinfo(name.c_str(), nullptr, &aiHint, &aiRes);
if (nErr)
return false;
```
Interface changes:
```diff
-bool LookupHost(const char *pszName, std::vector<CNetAddr>& vIP, unsigned int nMaxSolutions, bool fAllowLookup);
+bool LookupHost(const std::string& name, std::vector<CNetAddr>& vIP, unsigned int nMaxSolutions, bool fAllowLookup);
-bool LookupHost(const char *pszName, CNetAddr& addr, bool fAllowLookup);
+bool LookupHost(const std::string& name, CNetAddr& addr, bool fAllowLookup);
-bool Lookup(const char *pszName, CService& addr, int portDefault, bool fAllowLookup);
+bool Lookup(const std::string& name, CService& addr, int portDefault, bool fAllowLookup);
-bool Lookup(const char *pszName, std::vector<CService>& vAddr, int portDefault, bool fAllowLookup, unsigned int nMaxSolutions);
+bool Lookup(const std::string& name, std::vector<CService>& vAddr, int portDefault, bool fAllowLookup, unsigned int nMaxSolutions);
-bool LookupSubNet(const char *pszName, CSubNet& subnet);
+bool LookupSubNet(const std::string& strSubnet, CSubNet& subnet);
-CService LookupNumeric(const char *pszName, int portDefault = 0);
+CService LookupNumeric(const std::string& name, int portDefault = 0);
-bool ConnectThroughProxy(const proxyType &proxy, const std::string& strDest, int port, const SOCKET& hSocketRet, int nTimeout, bool *outProxyConnectionFailed);
+bool ConnectThroughProxy(const proxyType &proxy, const std::string& strDest, int port, const SOCKET& hSocketRet, int nTimeout, bool& outProxyConnectionFailed);
```
It should be noted that the `ConnectThroughProxy` change (from `bool *outProxyConnectionFailed` to `bool& outProxyConnectionFailed`) has nothing to do with `NUL` handling but I thought it was worth doing when touching this file :)
ACKs for top commit:
EthanHeilman:
ACK 7a046cdc1423963bdcbcf9bb98560af61fa90b37
laanwj:
ACK 7a046cdc1423963bdcbcf9bb98560af61fa90b37
Tree-SHA512: 66556e290db996917b54091acd591df221f72230f6b9f6b167b9195ee870ebef6e26f4cda2f6f54d00e1c362e1743bf56785d0de7cae854e6bf7d26f6caccaba
2020-01-22 20:14:12 +01:00
|
|
|
return false;
|
|
|
|
}
|
2014-04-28 11:08:57 +02:00
|
|
|
|
2021-12-18 15:26:22 +01:00
|
|
|
const size_t slash_pos{subnet_str.find_last_of('/')};
|
|
|
|
const std::string str_addr{subnet_str.substr(0, slash_pos)};
|
2024-09-11 20:34:06 +02:00
|
|
|
const std::optional<CNetAddr> addr{LookupHost(str_addr, /*fAllowLookup=*/false)};
|
2021-12-18 15:26:22 +01:00
|
|
|
|
2024-09-11 20:34:06 +02:00
|
|
|
if (addr.has_value()) {
|
2021-12-18 15:26:22 +01:00
|
|
|
if (slash_pos != subnet_str.npos) {
|
|
|
|
const std::string netmask_str{subnet_str.substr(slash_pos + 1)};
|
|
|
|
uint8_t netmask;
|
|
|
|
if (ParseUInt8(netmask_str, &netmask)) {
|
|
|
|
// Valid number; assume CIDR variable-length subnet masking.
|
2024-09-11 20:34:06 +02:00
|
|
|
subnet_out = CSubNet{addr.value(), netmask};
|
2021-12-18 15:26:22 +01:00
|
|
|
return subnet_out.IsValid();
|
|
|
|
} else {
|
|
|
|
// Invalid number; try full netmask syntax. Never allow lookup for netmask.
|
2024-09-11 20:34:06 +02:00
|
|
|
const std::optional<CNetAddr> full_netmask{LookupHost(netmask_str, /*fAllowLookup=*/false)};
|
|
|
|
if (full_netmask.has_value()) {
|
|
|
|
subnet_out = CSubNet{addr.value(), full_netmask.value()};
|
2021-12-18 15:26:22 +01:00
|
|
|
return subnet_out.IsValid();
|
2014-04-28 11:08:57 +02:00
|
|
|
}
|
|
|
|
}
|
2021-12-18 15:26:22 +01:00
|
|
|
} else {
|
|
|
|
// Single IP subnet (<ipv4>/32 or <ipv6>/128).
|
2024-09-11 20:34:06 +02:00
|
|
|
subnet_out = CSubNet{addr.value()};
|
2021-12-18 15:26:22 +01:00
|
|
|
return subnet_out.IsValid();
|
2017-09-03 15:29:10 +02:00
|
|
|
}
|
2015-06-25 10:47:34 +02:00
|
|
|
}
|
2017-09-03 15:29:10 +02:00
|
|
|
return false;
|
2015-05-25 20:03:51 +02:00
|
|
|
}
|
|
|
|
|
2022-04-14 10:05:00 +02:00
|
|
|
bool SetSocketNonBlocking(const SOCKET& hSocket)
|
2014-07-09 11:00:00 +02:00
|
|
|
{
|
|
|
|
#ifdef WIN32
|
2022-04-14 10:05:00 +02:00
|
|
|
u_long nOne = 1;
|
|
|
|
if (ioctlsocket(hSocket, FIONBIO, &nOne) == SOCKET_ERROR) {
|
2014-07-09 11:00:00 +02:00
|
|
|
#else
|
2022-04-14 10:05:00 +02:00
|
|
|
int fFlags = fcntl(hSocket, F_GETFL, 0);
|
|
|
|
if (fcntl(hSocket, F_SETFL, fFlags | O_NONBLOCK) == SOCKET_ERROR) {
|
2014-07-09 11:00:00 +02:00
|
|
|
#endif
|
2022-04-14 10:05:00 +02:00
|
|
|
return false;
|
2014-07-09 11:00:00 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
|
|
}
|
2017-08-09 18:06:31 +02:00
|
|
|
|
|
|
|
void InterruptSocks5(bool interrupt)
|
|
|
|
{
|
|
|
|
interruptSocks5Recv = interrupt;
|
|
|
|
}
|