1 | package nu.fw.jeti.plugins.filetransfer.socks5.jsocks; |
---|
2 | |
---|
3 | |
---|
4 | import java.io.IOException; |
---|
5 | import java.io.InputStream; |
---|
6 | import java.io.DataInputStream; |
---|
7 | import java.io.OutputStream; |
---|
8 | import java.io.PushbackInputStream; |
---|
9 | import java.net.Socket; |
---|
10 | |
---|
11 | /** |
---|
12 | An implementation of ServerAuthenticator, which does <b>not</b> do |
---|
13 | any authentication. |
---|
14 | <P> |
---|
15 | <FONT size="+3" color ="FF0000"> Warning!!</font><br> Should not be |
---|
16 | used on machines which are not behind the firewall. |
---|
17 | <p> |
---|
18 | It is only provided to make implementing other authentication schemes |
---|
19 | easier.<br> |
---|
20 | For Example: <tt><pre> |
---|
21 | class MyAuth extends socks.server.ServerAuthenticator{ |
---|
22 | ... |
---|
23 | public ServerAuthenticator startSession(java.net.Socket s){ |
---|
24 | if(!checkHost(s.getInetAddress()) return null; |
---|
25 | return super.startSession(s); |
---|
26 | } |
---|
27 | |
---|
28 | boolean checkHost(java.net.Inetaddress addr){ |
---|
29 | boolean allow; |
---|
30 | //Do it somehow |
---|
31 | return allow; |
---|
32 | } |
---|
33 | } |
---|
34 | </pre></tt> |
---|
35 | */ |
---|
36 | public class ServerAuthenticatorNone implements ServerAuthenticator{ |
---|
37 | |
---|
38 | static final byte[] socks5response = {5,0}; |
---|
39 | |
---|
40 | InputStream in; |
---|
41 | OutputStream out; |
---|
42 | |
---|
43 | /** |
---|
44 | Creates new instance of the ServerAuthenticatorNone. |
---|
45 | */ |
---|
46 | public ServerAuthenticatorNone(){ |
---|
47 | this.in = null; |
---|
48 | this.out = null; |
---|
49 | } |
---|
50 | /** |
---|
51 | Constructs new ServerAuthenticatorNone object suitable for returning |
---|
52 | from the startSession function. |
---|
53 | @param in Input stream to return from getInputStream method. |
---|
54 | @param out Output stream to return from getOutputStream method. |
---|
55 | */ |
---|
56 | public ServerAuthenticatorNone(InputStream in, OutputStream out){ |
---|
57 | this.in = in; |
---|
58 | this.out = out; |
---|
59 | } |
---|
60 | /** |
---|
61 | Grants access to everyone.Removes authentication related bytes from |
---|
62 | the stream, when a SOCKS5 connection is being made, selects an |
---|
63 | authentication NONE. |
---|
64 | */ |
---|
65 | public ServerAuthenticator startSession(Socket s) |
---|
66 | throws IOException{ |
---|
67 | |
---|
68 | PushbackInputStream in = new PushbackInputStream(s.getInputStream()); |
---|
69 | OutputStream out = s.getOutputStream(); |
---|
70 | |
---|
71 | int version = in.read(); |
---|
72 | if(version == 5){ |
---|
73 | if(!selectSocks5Authentication(in,out,0)) |
---|
74 | return null; |
---|
75 | }else if(version == 4){ |
---|
76 | //Else it is the request message allready, version 4 |
---|
77 | in.unread(version); |
---|
78 | }else |
---|
79 | return null; |
---|
80 | |
---|
81 | |
---|
82 | return new ServerAuthenticatorNone(in,out); |
---|
83 | } |
---|
84 | |
---|
85 | /** |
---|
86 | Get input stream. |
---|
87 | @return Input stream speciefied in the constructor. |
---|
88 | */ |
---|
89 | public InputStream getInputStream(){ |
---|
90 | return in; |
---|
91 | } |
---|
92 | /** |
---|
93 | Get output stream. |
---|
94 | @return Output stream speciefied in the constructor. |
---|
95 | */ |
---|
96 | public OutputStream getOutputStream(){ |
---|
97 | return out; |
---|
98 | } |
---|
99 | /** |
---|
100 | Allways returns null. |
---|
101 | @return null |
---|
102 | */ |
---|
103 | public UDPEncapsulation getUdpEncapsulation(){ |
---|
104 | return null; |
---|
105 | } |
---|
106 | |
---|
107 | /** |
---|
108 | Allways returns true. |
---|
109 | */ |
---|
110 | public boolean checkRequest(ProxyMessage msg){ |
---|
111 | return true; |
---|
112 | } |
---|
113 | |
---|
114 | /** |
---|
115 | Allways returns true. |
---|
116 | */ |
---|
117 | public boolean checkRequest(java.net.DatagramPacket dp, boolean out){ |
---|
118 | return true; |
---|
119 | } |
---|
120 | |
---|
121 | /** |
---|
122 | Does nothing. |
---|
123 | */ |
---|
124 | public void endSession(){ |
---|
125 | } |
---|
126 | |
---|
127 | /** |
---|
128 | Convinience routine for selecting SOCKSv5 authentication. |
---|
129 | <p> |
---|
130 | This method reads in authentication methods that client supports, |
---|
131 | checks wether it supports given method. If it does, the notification |
---|
132 | method is written back to client, that this method have been chosen |
---|
133 | for authentication. If given method was not found, authentication |
---|
134 | failure message is send to client ([5,FF]). |
---|
135 | @param in Input stream, version byte should be removed from the stream |
---|
136 | before calling this method. |
---|
137 | @param out Output stream. |
---|
138 | @param methodId Method which should be selected. |
---|
139 | @return true if methodId was found, false otherwise. |
---|
140 | */ |
---|
141 | static public boolean selectSocks5Authentication(InputStream in, |
---|
142 | OutputStream out, |
---|
143 | int methodId) |
---|
144 | throws IOException{ |
---|
145 | |
---|
146 | int num_methods = in.read(); |
---|
147 | if (num_methods <= 0) return false; |
---|
148 | byte method_ids[] = new byte[num_methods]; |
---|
149 | byte response[] = new byte[2]; |
---|
150 | boolean found = false; |
---|
151 | |
---|
152 | response[0] = (byte) 5; //SOCKS version |
---|
153 | response[1] = (byte) 0xFF; //Not found, we are pessimistic |
---|
154 | |
---|
155 | int bread = 0; //bytes read so far |
---|
156 | while(bread < num_methods) |
---|
157 | bread += in.read(method_ids,bread,num_methods-bread); |
---|
158 | |
---|
159 | for(int i=0;i<num_methods;++i) |
---|
160 | if(method_ids[i] == methodId){ |
---|
161 | found = true; |
---|
162 | response[1] = (byte) methodId; |
---|
163 | break; |
---|
164 | } |
---|
165 | |
---|
166 | out.write(response); |
---|
167 | return found; |
---|
168 | } |
---|
169 | } |
---|