001/**
002 *
003 * Copyright the original author or authors
004 *
005 * Licensed under the Apache License, Version 2.0 (the "License");
006 * you may not use this file except in compliance with the License.
007 * You may obtain a copy of the License at
008 *
009 *     http://www.apache.org/licenses/LICENSE-2.0
010 *
011 * Unless required by applicable law or agreed to in writing, software
012 * distributed under the License is distributed on an "AS IS" BASIS,
013 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014 * See the License for the specific language governing permissions and
015 * limitations under the License.
016 */
017package org.jivesoftware.smackx.bytestreams.socks5;
018
019import java.io.DataInputStream;
020import java.io.DataOutputStream;
021import java.io.IOException;
022import java.net.InetSocketAddress;
023import java.net.Socket;
024import java.net.SocketAddress;
025import java.nio.charset.StandardCharsets;
026import java.util.Arrays;
027import java.util.concurrent.Callable;
028import java.util.concurrent.ExecutionException;
029import java.util.concurrent.FutureTask;
030import java.util.concurrent.TimeUnit;
031import java.util.concurrent.TimeoutException;
032import java.util.logging.Logger;
033
034import org.jivesoftware.smack.SmackException;
035import org.jivesoftware.smack.SmackException.NoResponseException;
036import org.jivesoftware.smack.SmackException.NotConnectedException;
037import org.jivesoftware.smack.SmackException.SmackMessageException;
038import org.jivesoftware.smack.XMPPException;
039import org.jivesoftware.smack.util.Async;
040import org.jivesoftware.smack.util.CloseableUtil;
041
042import org.jivesoftware.smackx.bytestreams.socks5.packet.Bytestream.StreamHost;
043
044/**
045 * The SOCKS5 client class handles establishing a connection to a SOCKS5 proxy. Connecting to a
046 * SOCKS5 proxy requires authentication. This implementation only supports the no-authentication
047 * authentication method.
048 *
049 * @author Henning Staib
050 */
051public class Socks5Client {
052
053    private static final Logger LOGGER = Logger.getLogger(Socks5Client.class.getName());
054
055    /* stream host containing network settings and name of the SOCKS5 proxy */
056    protected StreamHost streamHost;
057
058    /* SHA-1 digest identifying the SOCKS5 stream */
059    protected String digest;
060
061    /**
062     * Constructor for a SOCKS5 client.
063     *
064     * @param streamHost containing network settings of the SOCKS5 proxy
065     * @param digest identifying the SOCKS5 Bytestream
066     */
067    public Socks5Client(StreamHost streamHost, String digest) {
068        this.streamHost = streamHost;
069        this.digest = digest;
070    }
071
072    /**
073     * Returns the initialized socket that can be used to transfer data between peers via the SOCKS5
074     * proxy.
075     *
076     * @param timeout timeout to connect to SOCKS5 proxy in milliseconds
077     * @return socket the initialized socket
078     * @throws IOException if initializing the socket failed due to a network error
079     * @throws TimeoutException if connecting to SOCKS5 proxy timed out
080     * @throws InterruptedException if the current thread was interrupted while waiting
081     * @throws XMPPException if an XMPP protocol error was received.
082     * @throws SmackMessageException if there was an error.
083     * @throws NotConnectedException if the XMPP connection is not connected.
084     * @throws NoResponseException if there was no response from the remote entity.
085     */
086    public Socket getSocket(int timeout) throws IOException, InterruptedException,
087                    TimeoutException, XMPPException, SmackMessageException, NotConnectedException, NoResponseException {
088        // wrap connecting in future for timeout
089        FutureTask<Socket> futureTask = new FutureTask<>(new Callable<Socket>() {
090
091            @Override
092            public Socket call() throws IOException, SmackMessageException {
093
094                // initialize socket
095                Socket socket = new Socket();
096                SocketAddress socketAddress = new InetSocketAddress(streamHost.getAddress().asInetAddress(),
097                                streamHost.getPort());
098                socket.connect(socketAddress);
099
100                // initialize connection to SOCKS5 proxy
101                try {
102                    establish(socket);
103                }
104                catch (SmackMessageException e) {
105                    if (!socket.isClosed()) {
106                        CloseableUtil.maybeClose(socket, LOGGER);
107                    }
108                    throw e;
109                }
110
111                return socket;
112            }
113
114        });
115        Async.go(futureTask, "SOCKS5 client connecting to " + streamHost);
116
117        // get connection to initiator with timeout
118        try {
119            return futureTask.get(timeout, TimeUnit.MILLISECONDS);
120        }
121        catch (ExecutionException e) {
122            throw new IOException("ExecutionException while SOCKS5 client attempting to connect to " + streamHost, e);
123        }
124
125    }
126
127    /**
128     * Initializes the connection to the SOCKS5 proxy by negotiating authentication method and
129     * requesting a stream for the given digest. Currently only the no-authentication method is
130     * supported by the Socks5Client.
131     *
132     * @param socket connected to a SOCKS5 proxy
133     * @throws IOException if an I/O error occurred.
134     * @throws SmackMessageException if there was an error.
135     */
136    protected void establish(Socket socket) throws IOException, SmackMessageException {
137
138        byte[] connectionRequest;
139        byte[] connectionResponse;
140        /*
141         * use DataInputStream/DataOutpuStream to assure read and write is completed in a single
142         * statement
143         */
144        DataInputStream in = new DataInputStream(socket.getInputStream());
145        DataOutputStream out = new DataOutputStream(socket.getOutputStream());
146
147        // authentication negotiation
148        byte[] cmd = new byte[3];
149
150        cmd[0] = (byte) 0x05; // protocol version 5
151        cmd[1] = (byte) 0x01; // number of authentication methods supported
152        cmd[2] = (byte) 0x00; // authentication method: no-authentication required
153
154        out.write(cmd);
155        out.flush();
156
157        byte[] response = new byte[2];
158        in.readFully(response);
159
160        // check if server responded with correct version and no-authentication method
161        if (response[0] != (byte) 0x05 || response[1] != (byte) 0x00) {
162            throw new SmackException.SmackMessageException("Remote SOCKS5 server responded with unexpected version: " + response[0] + ' ' + response[1] + ". Should be 0x05 0x00.");
163        }
164
165        // request SOCKS5 connection with given address/digest
166        connectionRequest = createSocks5ConnectRequest();
167        out.write(connectionRequest);
168        out.flush();
169
170        // receive response
171        connectionResponse = Socks5Utils.receiveSocks5Message(in);
172
173        // verify response
174        connectionRequest[1] = (byte) 0x00; // set expected return status to 0
175        if (!Arrays.equals(connectionRequest, connectionResponse)) {
176            throw new SmackException.SmackMessageException(
177                            "Connection request does not equal connection response. Response: "
178                                            + Arrays.toString(connectionResponse) + ". Request: "
179                                            + Arrays.toString(connectionRequest));
180        }
181    }
182
183    /**
184     * Returns a SOCKS5 connection request message. It contains the command "connect", the address
185     * type "domain" and the digest as address.
186     * <p>
187     * (see <a href="http://tools.ietf.org/html/rfc1928">RFC1928</a>)
188     *
189     * @return SOCKS5 connection request message
190     */
191    private byte[] createSocks5ConnectRequest() {
192        byte[] addr = digest.getBytes(StandardCharsets.UTF_8);
193
194        byte[] data = new byte[7 + addr.length];
195        data[0] = (byte) 0x05; // version (SOCKS5)
196        data[1] = (byte) 0x01; // command (1 - connect)
197        data[2] = (byte) 0x00; // reserved byte (always 0)
198        data[3] = (byte) 0x03; // address type (3 - domain name)
199        data[4] = (byte) addr.length; // address length
200        System.arraycopy(addr, 0, data, 5, addr.length); // address
201        data[data.length - 2] = (byte) 0; // address port (2 bytes always 0)
202        data[data.length - 1] = (byte) 0;
203
204        return data;
205    }
206
207}