From patchwork Wed Aug 30 13:05:02 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Sandro Trianni X-Patchwork-Id: 3330 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:390:b0:d7:3b0f:3938 with SMTP id 16csp332887dyq; Wed, 30 Aug 2023 06:06:30 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHhs1VIHqSW1fIuDvfCAglIuI5EIfrXtsvMKQ58eNk7d+Zo0KqEGqUW63ffss10NKAlQ0ki X-Received: by 2002:a17:902:d505:b0:1c0:ecbb:182e with SMTP id b5-20020a170902d50500b001c0ecbb182emr2173872plg.2.1693400790422; Wed, 30 Aug 2023 06:06:30 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1693400790; cv=none; d=google.com; s=arc-20160816; b=z5H+LNGdnsV+gNuJzi9tGvYvDuIrU422XWDZR7Y4SrEgC0I+WWntxmstyWJKhNoNMz D47cMcX6mHtVA0qDYmEnPnskWESZ24L1kHMah+JPEeUdfYrMVepR/lh29cIArL1xgkhl jnAQyyN0BTK7BJ9giuVAY6FESP2dc06uazQXW4MtfxvjNyj7Qlngm8UIkv8NQ+Zw3xh8 dXtqPI+y46ArceCXr2SOivVvSMV+bRX17V8WCpZ0a1mTB5RwLw9j3YHuKyH2PMasqNfj poJLIKVUZ/RAb/JJLel1oaAL/1HZm1pu8m+dOg98UZrPNiuOgPlXCEmrtG19Roq1jyQu drvQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:message-id:date:to:from:dkim-signature:dkim-signature :dkim-signature; bh=d2HV9D0H+z16rYLJY0bYRhvYNcRKll97s7BZsbQxuwk=; fh=4NbAC/LsuMLI0S0hprUlLSLCiHwg6SCAifhH718Jh0Q=; b=JZwLgr6WnZZ+Gs994dkO5OocGG8sExyOnCA+CblWRXRoN8HCwZsAK2D8ZxHwmwEm83 1BZ8BQlxw0HpV/2zX8ONAmE8T28gWoqGvCPOGHPukFfmwFz6sla9m9UrkSWW12itGWQt Xyfz5ezaaiFoUykMLXOyM+iGP9Mp7exH7fi17Opi+mMgrbkGFH9YxxaFoHlKebh7kRk/ SN2jR1HNRDxNfTP7UHAcbDDz5XhzrqPUwGMfKAxLXqlHziVL8O6JV451Q2VlPfogRSmo p9ZhIIoIfemEiXcKbaSzEkrx8937FbhYcLi273ruAETS6PTUsBP0ahW401YOYCL6TKKI JlxQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=flkdU7JN; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=Tcol+e09; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20221208 header.b=H4sX6CZz; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id k11-20020a170902c40b00b001bb9375b349si2499696plk.536.2023.08.30.06.06.30 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 30 Aug 2023 06:06:30 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=flkdU7JN; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=Tcol+e09; dkim=neutral (body hash did not verify) header.i=@gmail.com header.s=20221208 header.b=H4sX6CZz; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from [127.0.0.1] (helo=sfs-ml-4.v29.lw.sourceforge.com) by sfs-ml-4.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1qbKsz-0003lk-LK; Wed, 30 Aug 2023 13:05:30 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-4.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1qbKsy-0003le-9b for openvpn-devel@lists.sourceforge.net; Wed, 30 Aug 2023 13:05:28 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=bBrAXaOtgmhP8OcvxIYQzOpamV5ONgABUZTatQwUNL4=; b=flkdU7JNOrM5NF4vAk2/0w2svX JI84dBJS5Pyxj6YcVvq8qoD0UMOXk+WX+mJyMWNHBKHntuy6+CqkBFIk1zApyYbaPF70RM6QQVvzL bq/wFH0TgO3z9hXSXT/uXbtn4FKha3qslXoaxONljbK8vR+MXC6/jU1ToQbLIlpyG8tM=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=bBrAXaOtgmhP8OcvxIYQzOpamV5ONgABUZTatQwUNL4=; b=T col+e091Sv/sYmMOwHOlQg7fTVF08cQHe+yzVqLMsYgaRDFcF8TwADDTheYJP84ubkimUyEHxdeZX 3KyMf4Sg7VLohsli3Dxv8EOL4UK4cX1BJuGY5fBf/ULDUvhJpRPeHWaI23+Ms6Y285CSyHqh3WTN+ ss44qvH0IbncILt0=; Received: from mail-wm1-f53.google.com ([209.85.128.53]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1qbKsx-003WVg-Sj for openvpn-devel@lists.sourceforge.net; Wed, 30 Aug 2023 13:05:28 +0000 Received: by mail-wm1-f53.google.com with SMTP id 5b1f17b1804b1-40078c4855fso52010045e9.3 for ; Wed, 30 Aug 2023 06:05:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20221208; t=1693400721; x=1694005521; darn=lists.sourceforge.net; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=bBrAXaOtgmhP8OcvxIYQzOpamV5ONgABUZTatQwUNL4=; b=H4sX6CZz4alEtoEVppBdAv/SX9Xkh/KH385VLX+pg7hwGwDkunF9VdR5NAP2NdU9WC 565qD9hi0Qq6ZZOg2z1lHvtcOBlKgfaH2CGDAQsn1HrtowJIkgTNLsKuDHqiFg2lrITO YOAkO4bqRJxqb2Jn6mZxGZ+BK5glkb/AFYLDIWTEmhbkYJRWjUwvbghv7PVT7koPEZk0 GdoRlwpGwtXdcsLVts/TQsDEqyT3yoX/DXIUExFx74p0H8DJ8L2bo6TYtUFElwrvCrfz cHpUMCTB1+sTtH+sDu8ND1ufNZQ31IEBgMHkNTGoiNNYhUwOBAIvnaX4x1Cck4rBaFOW BQ+g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1693400721; x=1694005521; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=bBrAXaOtgmhP8OcvxIYQzOpamV5ONgABUZTatQwUNL4=; b=B8L4KXb8piKfRnS/x41JyJMq48roQgjDvZdFeGIQ1dP+VH9IhyxiWO9TOiI0DeROaT WwVhXnEGXQd2urTZNS1HiklQSItP6FGpRBPtNTZksIOsZb/YMYcEwagrKG/QBCixjk4D kVbW1Y/DfupVwIbZ2uxSi4hyu0rmv4v8N8GeXoBiD2/LDWafshLTlg2CoqdJhRXgBLc5 ZuePMHcp6NuyKTPMFvUNWOEB3hEUBJ8gjF4t9d2wEeuYZdwdRsWNMITm5EVaiN/DuYoj pZkWo1YtHy/0FME7A9voah1Pv8DHdVOQTeIcMtM7S468f+LCOJrqsLgDkkTN5KerUrL7 uS5g== X-Gm-Message-State: AOJu0Yw7TEjA0xFyu7aAfe+cgLHmggj0PeQ6s+3cPMNz5mEfXuSpznkP 1GZ5Px4Iz+qKMRB+tahxmg6BuNTGrlQ= X-Received: by 2002:a5d:51ce:0:b0:31a:e728:8682 with SMTP id n14-20020a5d51ce000000b0031ae7288682mr1812889wrv.68.1693400720598; Wed, 30 Aug 2023 06:05:20 -0700 (PDT) Received: from localhost.localdomain (93-0-248.netrun.cytanet.com.cy. [93.109.0.248]) by smtp.googlemail.com with ESMTPSA id r6-20020adff106000000b003197c2316ecsm16628977wro.112.2023.08.30.06.05.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 30 Aug 2023 06:05:20 -0700 (PDT) From: 5andr0 To: openvpn-devel@lists.sourceforge.net Date: Wed, 30 Aug 2023 16:05:02 +0300 Message-Id: <20230830130502.1029-1-sandro.trianni@gmail.com> X-Mailer: git-send-email 2.28.0.windows.1 MIME-Version: 1.0 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: --- src/openvpn/socket.c | 2 ++ src/openvpn/socks.c | 25 ++++++++++++++ src/openvpn/socks.h | 2 ++ 3 files changed, 18 insertions(+), 11 deletions(-) diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c index 501e023e..10fd0e26 100644 --- a/src/openvpn/socket.c +++ b/src/openvpn/socket.c @@ -2075, 6 +2075, 7 @@ phase2_tcp_client(struct link_socke [...] Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.128.53 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [sandro.trianni[at]gmail.com] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.128.53 listed in wl.mailspike.net] -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-Headers-End: 1qbKsx-003WVg-Sj Subject: [Openvpn-devel] [PATCH] Implement server_poll_timeout for socks X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1775659427042655475?= X-GMAIL-MSGID: =?utf-8?q?1775659427042655475?= --- src/openvpn/socket.c | 2 ++ src/openvpn/socks.c | 25 ++++++++++++++----------- src/openvpn/socks.h | 2 ++ 3 files changed, 18 insertions(+), 11 deletions(-) diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c index 501e023e..10fd0e26 100644 --- a/src/openvpn/socket.c +++ b/src/openvpn/socket.c @@ -2075,6 +2075,7 @@ phase2_tcp_client(struct link_socket *sock, struct signal_info *sig_info) sock->sd, sock->proxy_dest_host, sock->proxy_dest_port, + sock->server_poll_timeout, sig_info); } if (proxy_retry) @@ -2104,6 +2105,7 @@ phase2_socks_client(struct link_socket *sock, struct signal_info *sig_info) sock->ctrl_sd, sock->sd, &sock->socks_relay.dest, + sock->server_poll_timeout, sig_info); if (sig_info->signal_received) diff --git a/src/openvpn/socks.c b/src/openvpn/socks.c index a29eb83a..2cb83a66 100644 --- a/src/openvpn/socks.c +++ b/src/openvpn/socks.c @@ -42,6 +42,7 @@ #include "fdmisc.h" #include "misc.h" #include "proxy.h" +#include "forward.h" #include "memdbg.h" @@ -85,12 +86,12 @@ socks_proxy_close(struct socks_proxy_info *sp) static bool socks_username_password_auth(struct socks_proxy_info *p, socket_descriptor_t sd, + struct event_timeout *server_poll_timeout, volatile int *signal_received) { char to_send[516]; char buf[2]; int len = 0; - const int timeout_sec = 5; struct user_pass creds; ssize_t size; bool ret = false; @@ -129,7 +130,7 @@ socks_username_password_auth(struct socks_proxy_info *p, FD_ZERO(&reads); openvpn_fd_set(sd, &reads); - tv.tv_sec = timeout_sec; + tv.tv_sec = get_server_poll_remaining_time(server_poll_timeout); tv.tv_usec = 0; status = select(sd + 1, &reads, NULL, NULL, &tv); @@ -185,11 +186,11 @@ cleanup: static bool socks_handshake(struct socks_proxy_info *p, socket_descriptor_t sd, + struct event_timeout *server_poll_timeout, volatile int *signal_received) { char buf[2]; int len = 0; - const int timeout_sec = 5; ssize_t size; /* VER = 5, NMETHODS = 1, METHODS = [0 (no auth)] */ @@ -216,7 +217,7 @@ socks_handshake(struct socks_proxy_info *p, FD_ZERO(&reads); openvpn_fd_set(sd, &reads); - tv.tv_sec = timeout_sec; + tv.tv_sec = get_server_poll_remaining_time(server_poll_timeout); tv.tv_usec = 0; status = select(sd + 1, &reads, NULL, NULL, &tv); @@ -283,7 +284,7 @@ socks_handshake(struct socks_proxy_info *p, return false; } - if (!socks_username_password_auth(p, sd, signal_received)) + if (!socks_username_password_auth(p, sd, server_poll_timeout, signal_received)) { return false; } @@ -301,13 +302,13 @@ socks_handshake(struct socks_proxy_info *p, static bool recv_socks_reply(socket_descriptor_t sd, struct openvpn_sockaddr *addr, + struct event_timeout *server_poll_timeout, volatile int *signal_received) { char atyp = '\0'; int alen = 0; int len = 0; char buf[270]; /* 4 + alen(max 256) + 2 */ - const int timeout_sec = 5; if (addr != NULL) { @@ -326,7 +327,7 @@ recv_socks_reply(socket_descriptor_t sd, FD_ZERO(&reads); openvpn_fd_set(sd, &reads); - tv.tv_sec = timeout_sec; + tv.tv_sec = get_server_poll_remaining_time(server_poll_timeout); tv.tv_usec = 0; status = select(sd + 1, &reads, NULL, NULL, &tv); @@ -451,12 +452,13 @@ establish_socks_proxy_passthru(struct socks_proxy_info *p, socket_descriptor_t sd, /* already open to proxy */ const char *host, /* openvpn server remote */ const char *servname, /* openvpn server port */ + struct event_timeout *server_poll_timeout, struct signal_info *sig_info) { char buf[270]; size_t len; - if (!socks_handshake(p, sd, &sig_info->signal_received)) + if (!socks_handshake(p, sd, server_poll_timeout, &sig_info->signal_received)) { goto error; } @@ -494,7 +496,7 @@ establish_socks_proxy_passthru(struct socks_proxy_info *p, /* receive reply from Socks proxy and discard */ - if (!recv_socks_reply(sd, NULL, &sig_info->signal_received)) + if (!recv_socks_reply(sd, NULL, server_poll_timeout, &sig_info->signal_received)) { goto error; } @@ -512,9 +514,10 @@ establish_socks_proxy_udpassoc(struct socks_proxy_info *p, socket_descriptor_t ctrl_sd, /* already open to proxy */ socket_descriptor_t udp_sd, struct openvpn_sockaddr *relay_addr, + struct event_timeout *server_poll_timeout, struct signal_info *sig_info) { - if (!socks_handshake(p, ctrl_sd, &sig_info->signal_received)) + if (!socks_handshake(p, ctrl_sd, server_poll_timeout, &sig_info->signal_received)) { goto error; } @@ -535,7 +538,7 @@ establish_socks_proxy_udpassoc(struct socks_proxy_info *p, /* receive reply from Socks proxy */ CLEAR(*relay_addr); - if (!recv_socks_reply(ctrl_sd, relay_addr, &sig_info->signal_received)) + if (!recv_socks_reply(ctrl_sd, relay_addr, server_poll_timeout, &sig_info->signal_received)) { goto error; } diff --git a/src/openvpn/socks.h b/src/openvpn/socks.h index 3a89245b..a7094f06 100644 --- a/src/openvpn/socks.h +++ b/src/openvpn/socks.h @@ -52,12 +52,14 @@ void establish_socks_proxy_passthru(struct socks_proxy_info *p, socket_descriptor_t sd, /* already open to proxy */ const char *host, /* openvpn server remote */ const char *servname, /* openvpn server port */ + struct event_timeout *server_poll_timeout, struct signal_info *sig_info); void establish_socks_proxy_udpassoc(struct socks_proxy_info *p, socket_descriptor_t ctrl_sd, /* already open to proxy */ socket_descriptor_t udp_sd, struct openvpn_sockaddr *relay_addr, + struct event_timeout *server_poll_timeout, struct signal_info *sig_info); void socks_process_incoming_udp(struct buffer *buf,