netwerk/socket/nsSOCKSSocketProvider.cpp

   1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 2 -*-
   2  *
   3  * This Source Code Form is subject to the terms of the Mozilla Public
   4  * License, v. 2.0. If a copy of the MPL was not distributed with this
   5  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
   6
   7 #include "nsNamedPipeIOLayer.h"
   8 #include "nsSOCKSSocketProvider.h"
   9 #include "nsSOCKSIOLayer.h"
  10 #include "nsCOMPtr.h"
  11 #include "nsError.h"
  12
  13 using mozilla::OriginAttributes;
  14
  15 //////////////////////////////////////////////////////////////////////////
  16
  17 NS_IMPL_ISUPPORTS(nsSOCKSSocketProvider, nsISocketProvider)
  18
  19 nsresult nsSOCKSSocketProvider::CreateV4(nsISupports* aOuter, REFNSIID aIID,
  20                                          void** aResult) {
  21   nsresult rv;
  22   nsCOMPtr<nsISocketProvider> inst =
  23       new nsSOCKSSocketProvider(NS_SOCKS_VERSION_4);
  24   if (!inst)
  25     rv = NS_ERROR_OUT_OF_MEMORY;
  26   else
  27     rv = inst->QueryInterface(aIID, aResult);
  28   return rv;
  29 }
  30
  31 nsresult nsSOCKSSocketProvider::CreateV5(nsISupports* aOuter, REFNSIID aIID,
  32                                          void** aResult) {
  33   nsresult rv;
  34   nsCOMPtr<nsISocketProvider> inst =
  35       new nsSOCKSSocketProvider(NS_SOCKS_VERSION_5);
  36   if (!inst)
  37     rv = NS_ERROR_OUT_OF_MEMORY;
  38   else
  39     rv = inst->QueryInterface(aIID, aResult);
  40   return rv;
  41 }
  42
  43 // Per-platform implemenation of OpenTCPSocket helper function
  44 // Different platforms have special cases to handle
  45
  46 #if defined(XP_WIN)
  47 // The proxy host on Windows may be a named pipe uri, in which
  48 // case a named-pipe (rather than a socket) should be returned
  49 static PRFileDesc* OpenTCPSocket(int32_t family, nsIProxyInfo* proxy) {
  50   PRFileDesc* sock = nullptr;
  51
  52   nsAutoCString proxyHost;
  53   proxy->GetHost(proxyHost);
  54   if (IsNamedPipePath(proxyHost)) {
  55     sock = CreateNamedPipeLayer();
  56   } else {
  57     sock = PR_OpenTCPSocket(family);
  58   }
  59
  60   return sock;
  61 }
  62 #elif defined(XP_UNIX)
  63 // The proxy host on UNIX systems may point to a local file uri
  64 // in which case we should create an AF_LOCAL (UNIX Domain) socket
  65 // instead of the requested AF_INET or AF_INET6 socket.
  66
  67 // Normally,this socket would get thrown out and recreated later on
  68 // with the proper family, but we want to do it early here so that
  69 // we can enforce seccomp policy to blacklist socket(AF_INET) calls
  70 // to prevent the content sandbox from creating network requests
  71 static PRFileDesc* OpenTCPSocket(int32_t family, nsIProxyInfo* proxy) {
  72   nsAutoCString proxyHost;
  73   proxy->GetHost(proxyHost);
  74   if (StringBeginsWith(proxyHost, "file://"_ns)) {
  75     family = AF_LOCAL;
  76   }
  77
  78   return PR_OpenTCPSocket(family);
  79 }
  80 #else
  81 // Default, pass-through to PR_OpenTCPSocket
  82 static PRFileDesc* OpenTCPSocket(int32_t family, nsIProxyInfo*) {
  83   return PR_OpenTCPSocket(family);
  84 }
  85 #endif
  86
  87 NS_IMETHODIMP
  88 nsSOCKSSocketProvider::NewSocket(int32_t family, const char* host, int32_t port,
  89                                  nsIProxyInfo* proxy,
  90                                  const OriginAttributes& originAttributes,
  91                                  uint32_t flags, uint32_t tlsFlags,
  92                                  PRFileDesc** result, nsISupports** socksInfo) {
  93   PRFileDesc* sock = OpenTCPSocket(family, proxy);
  94   if (!sock) {
  95     return NS_ERROR_OUT_OF_MEMORY;
  96   }
  97
  98   nsresult rv = nsSOCKSIOLayerAddToSocket(family, host, port, proxy, mVersion,
  99                                           flags, tlsFlags, sock, socksInfo);
 100   if (NS_SUCCEEDED(rv)) {
 101     *result = sock;
 102     return NS_OK;
 103   }
 104
 105   return NS_ERROR_SOCKET_CREATE_FAILED;
 106 }
 107
 108 NS_IMETHODIMP
 109 nsSOCKSSocketProvider::AddToSocket(int32_t family, const char* host,
 110                                    int32_t port, nsIProxyInfo* proxy,
 111                                    const OriginAttributes& originAttributes,
 112                                    uint32_t flags, uint32_t tlsFlags,
 113                                    PRFileDesc* sock, nsISupports** socksInfo) {
 114   nsresult rv = nsSOCKSIOLayerAddToSocket(family, host, port, proxy, mVersion,
 115                                           flags, tlsFlags, sock, socksInfo);
 116
 117   if (NS_FAILED(rv)) rv = NS_ERROR_SOCKET_CREATE_FAILED;
 118   return rv;
 119 }