add trasparent proxy support

Author: madeye

configure

@@ -640,6 +640,8 @@ PTHREAD_LIBS
 PTHREAD_CC
 acx_pthread_config
 LIBOBJS
+BUILD_REDIRECTOR_FALSE
+BUILD_REDIRECTOR_TRUE
 CPP
 OTOOL64
 OTOOL
@@ -12542,8 +12544,30 @@ fi
 
 
 
-# Checks for libraries.
-# AC_SEARCH_LIBS([ev_io_start], [ev], [ ], AC_MSG_ERROR([libev not found.]))
+# Checks for host.
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for what kind of host" >&5
+$as_echo_n "checking for what kind of host... " >&6; }
+case $host in
+  *-linux*)
+    os_support=linux
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: Linux" >&5
+$as_echo "Linux" >&6; }
+    ;;
+  *)
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: transparent proxy does not support for $host" >&5
+$as_echo "transparent proxy does not support for $host" >&6; }
+    ;;
+esac
+
+ if test "$os_support" = "linux"; then
+  BUILD_REDIRECTOR_TRUE=
+  BUILD_REDIRECTOR_FALSE='#'
+else
+  BUILD_REDIRECTOR_TRUE='#'
+  BUILD_REDIRECTOR_FALSE=
+fi
+
 
 # Checks for header files.
 for ac_header in stdint.h inttypes.h arpa/inet.h fcntl.h langinfo.h locale.h netdb.h netinet/in.h stdlib.h string.h strings.h sys/socket.h unistd.h
@@ -14399,6 +14423,10 @@ if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then
   as_fn_error $? "conditional \"am__fastdepCC\" was never defined.
 Usually this means the macro was only invoked conditionally." "$LINENO" 5
 fi
+if test -z "${BUILD_REDIRECTOR_TRUE}" && test -z "${BUILD_REDIRECTOR_FALSE}"; then
+  as_fn_error $? "conditional \"BUILD_REDIRECTOR\" was never defined.
+Usually this means the macro was only invoked conditionally." "$LINENO" 5
+fi
 
 
 : "${CONFIG_STATUS=./config.status}"

configure.ac

@@ -18,8 +18,20 @@ AC_PROG_MAKE_SET
 
 m4_include([libev/libev.m4])
 
-# Checks for libraries.
-# AC_SEARCH_LIBS([ev_io_start], [ev], [ ], AC_MSG_ERROR([libev not found.]))
+# Checks for host.
+
+AC_MSG_CHECKING(for what kind of host)
+case $host in
+  *-linux*)
+    os_support=linux
+    AC_MSG_RESULT(Linux)
+    ;;
+  *)
+    AC_MSG_RESULT(transparent proxy does not support for $host)
+    ;;
+esac
+
+AM_CONDITIONAL(BUILD_REDIRECTOR, test "$os_support" = "linux")
 
 # Checks for header files.
 AC_CHECK_HEADERS([stdint.h inttypes.h arpa/inet.h fcntl.h langinfo.h locale.h netdb.h netinet/in.h stdlib.h string.h strings.h sys/socket.h unistd.h])

src/Makefile.am

@@ -6,9 +6,17 @@ ss_server_SOURCES = utils.c jconf.c json.c \
 					rc4.c md5.c encrypt.c \
 					server.c
 ss_local_LDADD = $(top_builddir)/libev/libev.la
-ss_local_LDADD += $(top_builddir)/libasyncns/libasyncns.la
 ss_server_LDADD = $(top_builddir)/libev/libev.la
 ss_server_LDADD += $(top_builddir)/libasyncns/libasyncns.la
+
+if BUILD_REDIRECTOR
+bin_PROGRAMS += ss-redir
+ss_redir_SOURCES = utils.c jconf.c json.c \
+				   rc4.c md5.c encrypt.c \
+				   redir.c
+ss_redir_LDADD = $(top_builddir)/libev/libev.la
+endif
+
 AM_CFLAGS  = -g -O2 -Wall -fno-strict-aliasing 
 AM_LDFLAGS = -static
 AM_CFLAGS += -I$(top_builddir)/libev

src/Makefile.in

@@ -50,7 +50,8 @@ PRE_UNINSTALL = :
 POST_UNINSTALL = :
 build_triplet = @build@
 host_triplet = @host@
-bin_PROGRAMS = ss-local$(EXEEXT) ss-server$(EXEEXT)
+bin_PROGRAMS = ss-local$(EXEEXT) ss-server$(EXEEXT) $(am__EXEEXT_1)
+@BUILD_REDIRECTOR_TRUE@am__append_1 = ss-redir
 subdir = src
 DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \
 	$(top_srcdir)/depcomp
@@ -66,13 +67,22 @@ mkinstalldirs = $(install_sh) -d
 CONFIG_HEADER = $(top_builddir)/config.h
 CONFIG_CLEAN_FILES =
 CONFIG_CLEAN_VPATH_FILES =
+@BUILD_REDIRECTOR_TRUE@am__EXEEXT_1 = ss-redir$(EXEEXT)
 am__installdirs = "$(DESTDIR)$(bindir)"
 PROGRAMS = $(bin_PROGRAMS)
 am_ss_local_OBJECTS = utils.$(OBJEXT) jconf.$(OBJEXT) json.$(OBJEXT) \
 	rc4.$(OBJEXT) md5.$(OBJEXT) encrypt.$(OBJEXT) local.$(OBJEXT)
 ss_local_OBJECTS = $(am_ss_local_OBJECTS)
-ss_local_DEPENDENCIES = $(top_builddir)/libev/libev.la \
-	$(top_builddir)/libasyncns/libasyncns.la
+ss_local_DEPENDENCIES = $(top_builddir)/libev/libev.la
+am__ss_redir_SOURCES_DIST = utils.c jconf.c json.c rc4.c md5.c \
+	encrypt.c redir.c
+@BUILD_REDIRECTOR_TRUE@am_ss_redir_OBJECTS = utils.$(OBJEXT) \
+@BUILD_REDIRECTOR_TRUE@	jconf.$(OBJEXT) json.$(OBJEXT) \
+@BUILD_REDIRECTOR_TRUE@	rc4.$(OBJEXT) md5.$(OBJEXT) \
+@BUILD_REDIRECTOR_TRUE@	encrypt.$(OBJEXT) redir.$(OBJEXT)
+ss_redir_OBJECTS = $(am_ss_redir_OBJECTS)
+@BUILD_REDIRECTOR_TRUE@ss_redir_DEPENDENCIES =  \
+@BUILD_REDIRECTOR_TRUE@	$(top_builddir)/libev/libev.la
 am_ss_server_OBJECTS = utils.$(OBJEXT) jconf.$(OBJEXT) json.$(OBJEXT) \
 	rc4.$(OBJEXT) md5.$(OBJEXT) encrypt.$(OBJEXT) server.$(OBJEXT)
 ss_server_OBJECTS = $(am_ss_server_OBJECTS)
@@ -91,8 +101,9 @@ CCLD = $(CC)
 LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \
 	--mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \
 	$(LDFLAGS) -o $@
-SOURCES = $(ss_local_SOURCES) $(ss_server_SOURCES)
-DIST_SOURCES = $(ss_local_SOURCES) $(ss_server_SOURCES)
+SOURCES = $(ss_local_SOURCES) $(ss_redir_SOURCES) $(ss_server_SOURCES)
+DIST_SOURCES = $(ss_local_SOURCES) $(am__ss_redir_SOURCES_DIST) \
+	$(ss_server_SOURCES)
 am__can_run_installinfo = \
   case $$AM_UPDATE_INFO_DIR in \
     n|no|NO) false;; \
@@ -226,10 +237,14 @@ ss_server_SOURCES = utils.c jconf.c json.c \
 					rc4.c md5.c encrypt.c \
 					server.c
 
-ss_local_LDADD = $(top_builddir)/libev/libev.la \
-	$(top_builddir)/libasyncns/libasyncns.la
+ss_local_LDADD = $(top_builddir)/libev/libev.la
 ss_server_LDADD = $(top_builddir)/libev/libev.la \
 	$(top_builddir)/libasyncns/libasyncns.la
+@BUILD_REDIRECTOR_TRUE@ss_redir_SOURCES = utils.c jconf.c json.c \
+@BUILD_REDIRECTOR_TRUE@				   rc4.c md5.c encrypt.c \
+@BUILD_REDIRECTOR_TRUE@				   redir.c
+
+@BUILD_REDIRECTOR_TRUE@ss_redir_LDADD = $(top_builddir)/libev/libev.la
 AM_CFLAGS = -g -O2 -Wall -fno-strict-aliasing -I$(top_builddir)/libev \
 	-I$(top_builddir)/libasyncns
 AM_LDFLAGS = -static
@@ -316,6 +331,9 @@ clean-binPROGRAMS:
 ss-local$(EXEEXT): $(ss_local_OBJECTS) $(ss_local_DEPENDENCIES) $(EXTRA_ss_local_DEPENDENCIES) 
 	@rm -f ss-local$(EXEEXT)
 	$(LINK) $(ss_local_OBJECTS) $(ss_local_LDADD) $(LIBS)
+ss-redir$(EXEEXT): $(ss_redir_OBJECTS) $(ss_redir_DEPENDENCIES) $(EXTRA_ss_redir_DEPENDENCIES) 
+	@rm -f ss-redir$(EXEEXT)
+	$(LINK) $(ss_redir_OBJECTS) $(ss_redir_LDADD) $(LIBS)
 ss-server$(EXEEXT): $(ss_server_OBJECTS) $(ss_server_DEPENDENCIES) $(EXTRA_ss_server_DEPENDENCIES) 
 	@rm -f ss-server$(EXEEXT)
 	$(LINK) $(ss_server_OBJECTS) $(ss_server_LDADD) $(LIBS)
@@ -332,6 +350,7 @@ distclean-compile:
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/local.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/md5.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/rc4.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/redir.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/server.Po@am__quote@
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/utils.Po@am__quote@
 

src/local.c

@@ -99,18 +99,11 @@ static void server_recv_cb (EV_P_ ev_io *w, int revents) {
         return;
     }
 
-    char *buf = remote->buf;
-    int *buf_len = &remote->buf_len;
-    if (server->stage != 5) {
-        buf = server->buf;
-        buf_len = &server->buf_len;
-    }
-
-    ssize_t r = recv(server->fd, buf, BUF_SIZE, 0);
+    ssize_t r = recv(server->fd, remote->buf, BUF_SIZE, 0);
 
     if (r == 0) {
         // connection closed
-        *buf_len = 0;
+        remote->buf_len = 0;
         close_and_free_server(EV_A_ server);
         if (remote != NULL) {
             ev_io_start(EV_A_ &remote->send_ctx->io);
@@ -162,7 +155,7 @@ static void server_recv_cb (EV_P_ ev_io *w, int revents) {
         server->stage = 1;
         return;
     } else if (server->stage == 1) {
-        struct socks5_request *request = (struct socks5_request *)server->buf;
+        struct socks5_request *request = (struct socks5_request *)remote->buf;
 
         if (request->cmd != 1) {
             LOGE("unsupported cmd: %d", request->cmd);
@@ -186,24 +179,24 @@ static void server_recv_cb (EV_P_ ev_io *w, int revents) {
         if (request->atyp == 1) {
             // IP V4
             size_t in_addr_len = sizeof(struct in_addr);
-            memcpy(addr_to_send + addr_len, server->buf + 4, in_addr_len + 2);
+            memcpy(addr_to_send + addr_len, remote->buf + 4, in_addr_len + 2);
             addr_len += in_addr_len + 2;
 
         } else if (request->atyp == 3) {
             // Domain name
-            uint8_t name_len = *(uint8_t *)(server->buf + 4);
+            uint8_t name_len = *(uint8_t *)(remote->buf + 4);
             addr_to_send[addr_len++] = name_len;
-            memcpy(addr_to_send + addr_len, server->buf + 4 + 1, name_len);
+            memcpy(addr_to_send + addr_len, remote->buf + 4 + 1, name_len);
             addr_len += name_len;
 
             // get port
-            addr_to_send[addr_len++] = *(uint8_t *)(server->buf + 4 + 1 + name_len); 
-            addr_to_send[addr_len++] = *(uint8_t *)(server->buf + 4 + 1 + name_len + 1); 
+            addr_to_send[addr_len++] = *(uint8_t *)(remote->buf + 4 + 1 + name_len); 
+            addr_to_send[addr_len++] = *(uint8_t *)(remote->buf + 4 + 1 + name_len + 1); 
 
         } else if (request->atyp == 4) {
             // IP V6
             size_t in6_addr_len = sizeof(struct in6_addr);
-            memcpy(addr_to_send + addr_len, server->buf + 4, in6_addr_len + 2);
+            memcpy(addr_to_send + addr_len, remote->buf + 4, in6_addr_len + 2);
             addr_len += in6_addr_len + 2;
 
         } else {
@@ -214,7 +207,13 @@ static void server_recv_cb (EV_P_ ev_io *w, int revents) {
         }
 
         encrypt_ctx(addr_to_send, addr_len, server->e_ctx);
-        send(remote->fd, addr_to_send, addr_len, 0);
+        int s = send(remote->fd, addr_to_send, addr_len, 0);
+        if (s < addr_len) {
+            LOGE("failed to send remote addr.");
+            close_and_free_remote(EV_A_ remote);
+            close_and_free_server(EV_A_ server);
+            return;
+        }
 
         // Fake reply
         struct socks5_response response;
@@ -230,9 +229,9 @@ static void server_recv_cb (EV_P_ ev_io *w, int revents) {
         memset(server->buf + 4, 0, sizeof(struct in_addr) + sizeof(uint16_t));
 
         int reply_size = 4 + sizeof(struct in_addr) + sizeof(uint16_t);
-        int s = send(server->fd, server->buf, reply_size, 0);
+        s = send(server->fd, server->buf, reply_size, 0);
         if (s < reply_size) {
-            LOGE("header not complete sent");
+            LOGE("failed to send fake reply.");
             close_and_free_remote(EV_A_ remote);
             close_and_free_server(EV_A_ server);
             return;