1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License, Version 1.0 only 6 * (the "License"). You may not use this file except in compliance 7 * with the License. 8 * 9 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 * or http://www.opensolaris.org/os/licensing. 11 * See the License for the specific language governing permissions 12 * and limitations under the License. 13 * 14 * When distributing Covered Code, include this CDDL HEADER in each 15 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 * If applicable, add the following below this CDDL HEADER, with the 17 * fields enclosed by brackets "[]" replaced with your own identifying 18 * information: Portions Copyright [yyyy] [name of copyright owner] 19 * 20 * CDDL HEADER END 21 * 22 * Copyright 2003 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #pragma ident "%Z%%M% %I% %E% SMI" 27 28 /* 29 * An http client that let's users 'ssh' to the 30 * outside of the firewall by opening up a connection 31 * through the http proxy. 32 */ 33 34 #include <stdio.h> 35 #include <stdlib.h> 36 #include <string.h> 37 #include <netdb.h> 38 #include <strings.h> 39 #include <unistd.h> 40 #include <inttypes.h> 41 #include <errno.h> 42 #include <poll.h> 43 #include <signal.h> 44 #include <locale.h> 45 #include <libintl.h> 46 #include <netinet/in.h> 47 #include <sys/types.h> 48 #include <sys/socket.h> 49 #include <arpa/inet.h> 50 #include <sys/time.h> 51 #include <sys/stropts.h> 52 #include <sys/stat.h> 53 #include <sys/varargs.h> 54 #include "proxy-io.h" 55 56 #define DEFAULT_HTTPPROXYPORT "80" 57 #define CONNECT_STRLEN 256 58 59 static int debug_flag = 0; 60 61 static void 62 usage(void) 63 { 64 (void) fprintf(stderr, gettext("Usage: ssh-http-proxy-connect " 65 "[-h http_proxy_host] [-p http_proxy_port]\n" 66 "remote_host remote_port\n")); 67 exit(1); 68 } 69 70 /* PRINTFLIKE1 */ 71 static void 72 debug(const char *format, ...) 73 { 74 char fmtbuf[BUFFER_SIZ]; 75 va_list args; 76 77 if (debug_flag == 0) { 78 return; 79 } 80 va_start(args, format); 81 (void) snprintf(fmtbuf, sizeof (fmtbuf), 82 "ssh-http-proxy: %s\n", format); 83 (void) vfprintf(stderr, fmtbuf, args); 84 va_end(args); 85 } 86 87 static void 88 signal_handler(int sig) 89 { 90 exit(0); 91 } 92 93 int 94 main(int argc, char **argv) 95 { 96 extern char *optarg; 97 extern int optind; 98 int retval, err_code, sock, ssh_port; 99 int version, ret_code; 100 char *httpproxy = NULL; 101 char *temp, *httpproxyport = NULL; 102 char *ssh_host; 103 char connect_str[CONNECT_STRLEN], connect_reply[BUFFER_SIZ]; 104 char *ret_string; 105 struct addrinfo hints, *ai; 106 struct pollfd fds[2]; 107 108 /* Initialization for variables, set locale and textdomain */ 109 110 (void) setlocale(LC_ALL, ""); 111 112 #if !defined(TEXT_DOMAIN) /* Should be defined by cc -D */ 113 #define TEXT_DOMAIN "SYS_TEST" /* Use this only if it weren't */ 114 #endif 115 (void) textdomain(TEXT_DOMAIN); 116 117 /* Set up the signal handler */ 118 (void) signal(SIGINT, signal_handler); 119 (void) signal(SIGPIPE, signal_handler); 120 (void) signal(SIGPOLL, signal_handler); 121 122 while ((retval = getopt(argc, argv, "dp:h:")) != -1) { 123 switch (retval) { 124 case 'h': 125 httpproxy = optarg; 126 break; 127 case 'p': 128 httpproxyport = optarg; 129 break; 130 case 'd': 131 debug_flag = 1; 132 break; 133 default: 134 break; 135 } 136 } 137 138 if (optind != argc - 2) { 139 usage(); 140 } 141 142 ssh_host = argv[optind++]; 143 ssh_port = atoi(argv[optind]); 144 145 /* 146 * If the name of the http proxy were not 147 * passed on the command line, try the 148 * user's environment. First try HTTPPROXY. 149 * If it's not set, try http_proxy. 150 * Check the url specified for http_proxy 151 * for errors. 152 */ 153 if (httpproxy == NULL) { 154 if ((httpproxy = getenv("HTTPPROXY")) == NULL) { 155 /* Try the other environment variable http_proxy */ 156 if ((temp = getenv("http_proxy")) != NULL) { 157 temp += strlen("http://"); 158 if (strpbrk(temp, ":") == NULL) { 159 /* Malformed url */ 160 (void) fprintf(stderr, gettext("ssh-http-proxy: " 161 "Incorrect url specified for http_proxy " 162 "environment variable\n")); 163 exit(1); 164 } 165 httpproxy = strtok(temp, ":"); 166 httpproxyport = strtok(NULL, "/"); 167 } else { 168 (void) fprintf(stderr, 169 gettext("ssh-http-proxy: http proxy not specified\n")); 170 exit(1); 171 } 172 } 173 } 174 175 /* 176 * Extract the proxy port number from the user's environment. 177 * Ignored if HTTPPROXY is not set. 178 */ 179 if ((httpproxy != NULL) && (httpproxyport == NULL)) { 180 if ((httpproxyport = getenv("HTTPPROXYPORT")) == NULL) { 181 httpproxyport = DEFAULT_HTTPPROXYPORT; 182 } 183 } 184 185 debug("HTTPPROXY = %s", httpproxy); 186 debug("HTTPPROXYPORT = %s", httpproxyport); 187 188 bzero(&hints, sizeof (struct addrinfo)); 189 hints.ai_family = PF_UNSPEC; 190 hints.ai_socktype = SOCK_STREAM; 191 192 if ((err_code = getaddrinfo(httpproxy, httpproxyport, &hints, &ai)) 193 != 0) { 194 (void) fprintf(stderr, "ssh-http-proxy: Unable to " 195 "perform name lookup\n"); 196 (void) fprintf(stderr, "%s: %s\n", httpproxy, 197 gai_strerror(err_code)); 198 exit(1); 199 } 200 201 if ((sock = socket(ai->ai_family, SOCK_STREAM, 0)) < 0) { 202 perror("socket"); 203 exit(1); 204 } 205 206 /* Connect to the http proxy */ 207 if (connect(sock, ai->ai_addr, ai->ai_addrlen) == -1) { 208 (void) fprintf(stderr, gettext("ssh-http-proxy: Unable to connect" 209 " to %s: %s\n"), httpproxy, strerror(errno)); 210 (void) close(sock); 211 exit(1); 212 } else { 213 /* Successful connection. */ 214 (void) snprintf(connect_str, sizeof (connect_str), 215 "CONNECT %s:%d HTTP/1.1\r\n\r\n", ssh_host, ssh_port); 216 if (write(sock, &connect_str, strlen(connect_str)) < 0) { 217 perror("write"); 218 (void) close(sock); 219 exit(1); 220 } 221 222 if (read(sock, connect_reply, sizeof (connect_reply)) == -1) { 223 perror("read"); 224 (void) close(sock); 225 exit(1); 226 } 227 228 if (sscanf(connect_reply, "HTTP/1.%d %d", 229 &version, &ret_code) != 2) { 230 (void) fprintf(stderr, 231 gettext("ssh-http-proxy: HTTP reply not understood\n")); 232 (void) close(sock); 233 exit(1); 234 } 235 236 ret_string = strtok(connect_reply, "\n"); 237 238 /* If the return error code is not 200, print an error and quit. */ 239 if (ret_code != 200) { 240 (void) fprintf(stderr, "%s\n", ret_string); 241 (void) close(sock); 242 exit(1); 243 } else { 244 debug("%s", ret_string); 245 } 246 } 247 248 fds[0].fd = STDIN_FILENO; /* Poll stdin for data. */ 249 fds[1].fd = sock; /* Poll the socket for data. */ 250 fds[0].events = fds[1].events = POLLIN; 251 252 for (;;) { 253 if (poll(fds, 2, INFTIM) == -1) { 254 perror("poll"); 255 (void) close(sock); 256 exit(1); 257 } 258 259 /* Data arrived on stdin, write it to the socket */ 260 if (fds[0].revents & POLLIN) { 261 if (proxy_read_write_loop(STDIN_FILENO, sock) == 0) { 262 (void) close(sock); 263 exit(1); 264 } 265 } else if (fds[0].revents & (POLLERR | POLLHUP | POLLNVAL)) { 266 (void) close(sock); 267 exit(1); 268 } 269 270 /* Data arrived on the socket, write it to stdout */ 271 if (fds[1].revents & POLLIN) { 272 if (proxy_read_write_loop(sock, STDOUT_FILENO) == 0) { 273 (void) close(sock); 274 exit(1); 275 } 276 } else if (fds[1].revents & (POLLERR | POLLHUP | POLLNVAL)) { 277 (void) close(sock); 278 exit(1); 279 } 280 } 281 282 /* NOTREACHED */ 283 return (0); 284 } 285