diff --git a/include/iocore/net/Socks.h b/include/iocore/net/Socks.h
index ea6af87414d..40e601c83bb 100644
--- a/include/iocore/net/Socks.h
+++ b/include/iocore/net/Socks.h
@@ -23,6 +23,12 @@
 #pragma once
+/*When this is being compiled with TS, we enable more features the use
+ non modularized stuff. namely:
+ ip_ranges and multiple socks server support.
+*/
+#define SOCKS_WITH_TS
+
 #define SOCKS_DEFAULT_VERSION 0 // defined the configuration variable
 #define SOCKS4_VERSION 4
 #define SOCKS5_VERSION 5
diff --git a/src/iocore/net/P_Socks.h b/src/iocore/net/P_Socks.h
index 6255cbb34af..4a8cf985669 100644
--- a/src/iocore/net/P_Socks.h
+++ b/src/iocore/net/P_Socks.h
@@ -30,7 +30,9 @@
 #include "iocore/net/Socks.h"
 #include "tsutil/ts_errata.h"
+#ifdef SOCKS_WITH_TS
 #include "proxy/ParentSelection.h"
+#endif
 enum { // types of events for Socks auth handlers
@@ -55,9 +57,21 @@ struct socks_conf_struct {
 int accept_port = 0;
 unsigned short http_port = 1080;
+#ifdef SOCKS_WITH_TS
 swoc::IPRangeSet ip_addrs;
+#endif
- socks_conf_struct() {}
+#ifndef SOCKS_WITH_TS
+ IpEndpoint server_addr;
+#endif
+
+ socks_conf_struct()
+
+ {
+#if !defined(SOCKS_WITH_TS)
+ memset(&server_addr, 0, sizeof(server_addr));
+#endif
+ }
 };
 void start_SocksProxy(int port);
@@ -108,10 +122,12 @@ struct SocksEntry : public Continuation {
 SocksAuthHandler auth_handler = nullptr;
 unsigned char socks_cmd = NORMAL_SOCKS;
+#ifdef SOCKS_WITH_TS
 // socks server selection:
 ParentConfigParams *server_params = nullptr;
 HttpRequestData req_data; // We dont use any http specific fields.
 ParentResult server_result;
+#endif
 int startEvent(int event, void *data);
 int mainEvent(int event, void *data);
diff --git a/src/iocore/net/Socks.cc b/src/iocore/net/Socks.cc
index c1a262f69bc..e6eb18400da 100644
--- a/src/iocore/net/Socks.cc
+++ b/src/iocore/net/Socks.cc
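Review bot: `#define SOCKS_WITH_TS` in the `Socks.h` hunk is unconditional, so every `#else` and `#ifndef SOCKS_WITH_TS` branch added elsewhere in this commit is never compiled by the normal build and can rot unnoticed. Supplying the macro from the build configuration instead of hard-coding it in the public header would let the reduced variant be compile-tested at least once. The comment above it would read more clearly as `/* Defined when built as part of TS: enables features that use non-modularized code, namely ip_ranges and multiple socks server support. */`.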
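Review bot: In the `socks_conf_struct` hunk the same macro is tested three different ways: `#ifdef SOCKS_WITH_TS … #endif` immediately followed by `#ifndef SOCKS_WITH_TS … #endif` for the member pair, then `#if !defined(SOCKS_WITH_TS)` in the constructor. A single `#ifdef SOCKS_WITH_TS` / `#else` / `#endif` around `ip_addrs` and `server_addr`, with one spelling of the test throughout, would be easier to follow. The new constructor also has a blank line between `socks_conf_struct()` and its `{`, which looks like a formatting accident. `memset` is called here without a `<cstring>` include visible in the hunk, so it presumably relies on a transitive include.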
@@ -71,6 +71,7 @@ SocksEntry::init(Ptr &m, SocksNetVC *vc, unsigned char socks_support
 ats_ip_copy(&target_addr, vc->get_remote_addr());
+#ifdef SOCKS_WITH_TS
 req_data.hdr = nullptr;
 req_data.hostname_str = nullptr;
 req_data.api_info = nullptr;
@@ -83,6 +84,7 @@ SocksEntry::init(Ptr &m, SocksNetVC *vc, unsigned char socks_support
 ats_ip_copy(&req_data.src_ip, &target_addr);
 server_params = SocksServerConfig::acquire();
+#endif
 nattempts = 0;
 findServer();
@@ -98,6 +100,7 @@ SocksEntry::findServer()
 unsigned int fail_threshold = server_params->policy.FailThreshold;
 unsigned int retry_time = server_params->policy.ParentRetryTime;
+#ifdef SOCKS_WITH_TS
 if (nattempts == 1) {
 ink_assert(server_result.result == PARENT_UNDEFINED);
 server_params->findParent(&req_data, &server_result, fail_threshold, retry_time);
@@ -135,6 +138,12 @@ SocksEntry::findServer()
 case PARENT_FAIL:
 memset(&server_addr, 0, sizeof(server_addr));
 }
+#else
+ if (nattempts > netProcessor.socks_conf_stuff->connection_attempts)
+ memset(&server_addr, 0, sizeof(server_addr));
+ else
+ ats_ip_copy(&server_addr, &g_socks_conf_stuff->server_addr);
+#endif // SOCKS_WITH_TS
 char buff[INET6_ADDRSTRLEN];
 Dbg(dbg_ctl_SocksParent, "findServer result: %s:%d", ats_ip_ntop(&server_addr.sa, buff, sizeof(buff)),
@@ -153,9 +162,11 @@ SocksEntry::free()
 timeout->cancel(this);
 }
+#ifdef SOCKS_WITH_TS
 if (!lerrno && netVConnection && server_result.retry) {
 server_params->markParentUp(&server_result);
 }
+#endif
 if ((action_.cancelled || lerrno) && netVConnection) {
 netVConnection->do_io_close();
@@ -176,7 +187,9 @@ SocksEntry::free()
 action_.continuation->handleEvent(NET_EVENT_OPEN, netVConnection);
 }
 }
+#ifdef SOCKS_WITH_TS
 SocksServerConfig::release(server_params);
+#endif
 free_MIOBuffer(buf);
 action_ = nullptr;
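Review bot: In the first `SocksEntry::findServer()` hunk the new `#ifdef SOCKS_WITH_TS` opens after `fail_threshold` and `retry_time` have been initialised from `server_params->policy`. This commit declares `server_params` only under `SOCKS_WITH_TS` in `P_Socks.h`, so the function cannot compile with the macro undefined. Move the guard above those two declarations, i.e. place `#ifdef SOCKS_WITH_TS` before `unsigned int fail_threshold = server_params->policy.FailThreshold;`. The part of `findServer()` between this hunk and the next is not shown, so any other use of `server_result` or `req_data` there needs the same check.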
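Review bot: The `#else` branch in the second `findServer()` hunk reads the attempt limit through `netProcessor.socks_conf_stuff` but the server address through `g_socks_conf_stuff`, a name that no visible hunk declares. If both are meant to be the same configuration object, use one accessor for both, e.g. `ats_ip_copy(&server_addr, &netProcessor.socks_conf_stuff->server_addr);`. The `if`/`else` is also unbraced, unlike the guarded code around it. A zeroed `server_addr` appears to be the failure signal in both variants, so a short comment such as `// all-zero server_addr: no SOCKS server available` would help, assuming the code after the hunk interprets it that way.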
@@ -452,8 +465,10 @@ SocksEntry::mainEvent(int event, void *data)
 void
 loadSocksConfiguration(socks_conf_struct *socks_conf_stuff)
 {
- ats_scoped_str config_pathname;
- swoc::Errata errata;
+ ats_scoped_str config_pathname;
+#ifdef SOCKS_WITH_TS
+ swoc::Errata errata;
+#endif
 std::error_code ec;
 std::string config_text;
@@ -488,7 +503,9 @@ loadSocksConfiguration(socks_conf_struct *socks_conf_stuff)
 "accept_port = %d http_port = %d", socks_conf_stuff->accept_enabled, socks_conf_stuff->accept_port, socks_conf_stuff->http_port);
+#ifdef SOCKS_WITH_TS
 SocksServerConfig::startup();
+#endif
 config_pathname = RecConfigReadConfigPath("proxy.config.socks.socks_config_file");
 Dbg(dbg_ctl_Socks, "Socks Config File: %s", (const char *)config_pathname);
@@ -505,6 +522,7 @@ loadSocksConfiguration(socks_conf_struct *socks_conf_stuff)
 goto error;
 }
+#ifdef SOCKS_WITH_TS
 errata = loadSocksIPAddrs(config_text, socks_conf_stuff);
 if (!errata.is_ok()) {
@@ -512,6 +530,7 @@ loadSocksConfiguration(socks_conf_struct *socks_conf_stuff)
 Error("%s", config_text.c_str());
 goto error;
 }
+#endif
 if (loadSocksAuthInfo(config_text, socks_conf_stuff) != 0) {
 Error("SOCKS Config: Error while reading Socks auth info");
diff --git a/src/iocore/net/UnixNetProcessor.cc b/src/iocore/net/UnixNetProcessor.cc
index a6519b9a617..0b3aefff07c 100644
--- a/src/iocore/net/UnixNetProcessor.cc
+++ b/src/iocore/net/UnixNetProcessor.cc
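Review bot: With `SOCKS_WITH_TS` undefined, the `loadSocksConfiguration()` hunks compile out `loadSocksIPAddrs(config_text, socks_conf_stuff)` and add nothing in its place. No hunk in this commit assigns the new `socks_conf_struct::server_addr`, which the constructor zeroes and the non-TS branch of `findServer()` copies as the SOCKS server address. Unless it is filled in a part of the function outside the hunks, the reduced build would load a config successfully and then have no server to connect to. Add an `#else` that reads the single server address, or fail the load there with a message along the lines of `Error("SOCKS Config: no socks server address configured");` so the gap shows up at startup rather than per connection.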
@@ -180,15 +180,16 @@ UnixNetProcessor::connect_re(Continuation *cont, sockaddr const *target, NetVCOp
 vc->options = opt;
 vc->set_context(NET_VCONNECTION_OUT);
-
- const bool using_socks = (socks_conf_stuff->socks_needed && opt.socks_support != NO_SOCKS &&
- (opt.socks_version != SOCKS_DEFAULT_VERSION ||
- /* This implies we are tunnelling.
- * we need to connect using socks server even
- * if this ip is in no_socks list.
- */
- !socks_conf_stuff->ip_addrs.contains(swoc::IPAddr(target))));
-
+ bool using_socks = (socks_conf_stuff->socks_needed && opt.socks_support != NO_SOCKS
+#ifdef SOCKS_WITH_TS
+ && (opt.socks_version != SOCKS_DEFAULT_VERSION ||
+ /* This implies we are tunnelling.
+ * we need to connect using socks server even
+ * if this ip is in no_socks list.
+ */
+ !socks_conf_stuff->ip_addrs.contains(swoc::IPAddr(target)))
+#endif
+ );
 SocksEntry *socksEntry = nullptr;
 vc->id = net_next_connection_number();
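Review bot: Splicing `#ifdef SOCKS_WITH_TS … #endif` into the middle of the `using_socks` initializer in `connect_re` makes the condition hard to read and drops the `const` the old declaration had. It also changes routing silently when the macro is off: the `ip_addrs` exclusion list is not consulted, so every target with `socks_needed` set and `socks_support != NO_SOCKS` goes through the SOCKS server, which deserves a comment. Computing the build-dependent part in its own `const bool` first keeps the final expression free of preprocessor lines, as sketched below. This assumes `using_socks` is not reassigned later in `connect_re`, whose body continues outside the hunk.

```cpp
  vc->set_context(NET_VCONNECTION_OUT);

#ifdef SOCKS_WITH_TS
  // An explicit SOCKS version implies tunnelling: connect through the SOCKS
  // server even if the target is in the no_socks list.
  const bool socks_applies =
    opt.socks_version != SOCKS_DEFAULT_VERSION || !socks_conf_stuff->ip_addrs.contains(swoc::IPAddr(target));
#else
  // No ip_addrs exclusion list in this build: every eligible target uses SOCKS.
  const bool socks_applies = true;
#endif
  const bool using_socks = socks_conf_stuff->socks_needed && opt.socks_support != NO_SOCKS && socks_applies;
  // … unchanged: socksEntry declaration and connection id …
```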