search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
tor-resolve: Don't automatically refuse .onion addresses.
[tor/rransom.git] / src / tools / tor-resolve.c
blobfe4e882416617c8e3e2c33ae2927871398d09243
1 /* Copyright (c) 2004-2006, Roger Dingledine, Nick Mathewson
2 * Copyright (c) 2007-2009, The Tor Project, Inc.
3 */
4 /* See LICENSE for licensing information */
5
6 #include "orconfig.h"
7
8 #include "compat.h"
9 #include "util.h"
10 #include "address.h"
11 #include "log.h"
12
13 #include <stdio.h>
14 #include <stdlib.h>
15 #include <stdarg.h>
16 #include <string.h>
17 #include <assert.h>
18
19 #ifdef HAVE_NETINET_IN_H
20 #include <netinet/in.h>
21 #endif
22 #ifdef HAVE_ARPA_INET_H
23 #include <arpa/inet.h>
24 #endif
25 #ifdef HAVE_SYS_SOCKET_H
26 #include <sys/socket.h>
27 #endif
28 #ifdef HAVE_SYS_TYPES_H
29 #include <sys/types.h> /* Must be included before sys/stat.h for Ultrix */
30 #endif
31 #ifdef HAVE_ERRNO_H
32 #include <errno.h>
33 #endif
34
35 #ifdef MS_WINDOWS
36 #if defined(_MSC_VER) && (_MSC_VER <= 1300)
37 #include <winsock.h>
38 #else
39 #include <winsock2.h>
40 #include <ws2tcpip.h>
41 #endif
42 #endif
43
44 #define RESPONSE_LEN_4 8
45 #define log_sock_error(act, _s) \
46 STMT_BEGIN log_fn(LOG_ERR, LD_NET, "Error while %s: %s", act, \
47 tor_socket_strerror(tor_socket_errno(_s))); STMT_END
48
49 static void usage(void) ATTR_NORETURN;
50
51 /** Set *<b>out</b> to a newly allocated SOCKS4a resolve request with
52 * <b>username</b> and <b>hostname</b> as provided. Return the number
53 * of bytes in the request. */
54 static int
55 build_socks_resolve_request(char **out,
56 const char *username,
57 const char *hostname,
58 int reverse,
59 int version)
60 {
61 size_t len = 0;
62 tor_assert(out);
63 tor_assert(username);
64 tor_assert(hostname);
65
66 if (version == 4) {
67 len = 8 + strlen(username) + 1 + strlen(hostname) + 1;
68 *out = tor_malloc(len);
69 (*out)[0] = 4; /* SOCKS version 4 */
70 (*out)[1] = '\xF0'; /* Command: resolve. */
71 set_uint16((*out)+2, htons(0)); /* port: 0. */
72 set_uint32((*out)+4, htonl(0x00000001u)); /* addr: 0.0.0.1 */
73 memcpy((*out)+8, username, strlen(username)+1);
74 memcpy((*out)+8+strlen(username)+1, hostname, strlen(hostname)+1);
75 } else if (version == 5) {
76 int is_ip_address;
77 struct in_addr in;
78 size_t addrlen;
79 is_ip_address = tor_inet_aton(hostname, &in);
80 if (!is_ip_address && reverse) {
81 log_err(LD_GENERAL, "Tried to do a reverse lookup on a non-IP!");
82 return -1;
83 }
84 addrlen = reverse ? 4 : 1 + strlen(hostname);
85 len = 6 + addrlen;
86 *out = tor_malloc(len);
87 (*out)[0] = 5; /* SOCKS version 5 */
88 (*out)[1] = reverse ? '\xF1' : '\xF0'; /* RESOLVE_PTR or RESOLVE */
89 (*out)[2] = 0; /* reserved. */
90 (*out)[3] = reverse ? 1 : 3;
91 if (reverse) {
92 set_uint32((*out)+4, in.s_addr);
93 } else {
94 (*out)[4] = (char)(uint8_t)(addrlen - 1);
95 memcpy((*out)+5, hostname, addrlen - 1);
96 }
97 set_uint16((*out)+4+addrlen, 0); /* port */
98 } else {
99 tor_assert(0);
100 }
101
102 return len;
103 }
104
105 /** Given a <b>len</b>-byte SOCKS4a response in <b>response</b>, set
106 * *<b>addr_out</b> to the address it contains (in host order).
107 * Return 0 on success, -1 on error.
108 */
109 static int
110 parse_socks4a_resolve_response(const char *hostname,
111 const char *response, size_t len,
112 uint32_t *addr_out)
113 {
114 uint8_t status;
115 tor_assert(response);
116 tor_assert(addr_out);
117
118 if (len < RESPONSE_LEN_4) {
119 log_warn(LD_PROTOCOL,"Truncated socks response.");
120 return -1;
121 }
122 if (((uint8_t)response[0])!=0) { /* version: 0 */
123 log_warn(LD_PROTOCOL,"Nonzero version in socks response: bad format.");
124 return -1;
125 }
126 status = (uint8_t)response[1];
127 if (get_uint16(response+2)!=0) { /* port: 0 */
128 log_warn(LD_PROTOCOL,"Nonzero port in socks response: bad format.");
129 return -1;
130 }
131 if (status != 90) {
132 log_warn(LD_NET,"Got status response '%d': socks request failed.", status);
133 if (!strcasecmpend(hostname, ".onion")) {
134 log_warn(LD_NET,
135 "%s is a hidden service; those don't have IP addresses. "
136 "To connect to a hidden service, you need to send the hostname "
137 "to Tor; we suggest an application that uses SOCKS 4a.",hostname);
138 return -1;
139 }
140 return -1;
141 }
142
143 *addr_out = ntohl(get_uint32(response+4));
144 return 0;
145 }
146
147 /* It would be nice to let someone know what SOCKS5 issue a user may have */
148 static const char *
149 socks5_reason_to_string(char reason)
150 {
151 switch(reason) {
152 case SOCKS5_SUCCEEDED:
153 return "succeeded";
154 case SOCKS5_GENERAL_ERROR:
155 return "general error";
156 case SOCKS5_NOT_ALLOWED:
157 return "not allowed";
158 case SOCKS5_NET_UNREACHABLE:
159 return "network is unreachable";
160 case SOCKS5_HOST_UNREACHABLE:
161 return "host is unreachable";
162 case SOCKS5_CONNECTION_REFUSED:
163 return "connection refused";
164 case SOCKS5_TTL_EXPIRED:
165 return "ttl expired";
166 case SOCKS5_COMMAND_NOT_SUPPORTED:
167 return "command not supported";
168 case SOCKS5_ADDRESS_TYPE_NOT_SUPPORTED:
169 return "address type not supported";
170 default:
171 return "unknown SOCKS5 code";
172 }
173 }
174
175 /** Send a resolve request for <b>hostname</b> to the Tor listening on
176 * <b>sockshost</b>:<b>socksport</b>. Store the resulting IPv4
177 * address (in host order) into *<b>result_addr</b>.
178 */
179 static int
180 do_resolve(const char *hostname, uint32_t sockshost, uint16_t socksport,
181 int reverse, int version,
182 uint32_t *result_addr, char **result_hostname)
183 {
184 int s;
185 struct sockaddr_in socksaddr;
186 char *req = NULL;
187 int len = 0;
188
189 tor_assert(hostname);
190 tor_assert(result_addr);
191 tor_assert(version == 4 || version == 5);
192
193 *result_addr = 0;
194 *result_hostname = NULL;
195
196 s = tor_open_socket(PF_INET,SOCK_STREAM,IPPROTO_TCP);
197 if (s<0) {
198 log_sock_error("creating_socket", -1);
199 return -1;
200 }
201
202 memset(&socksaddr, 0, sizeof(socksaddr));
203 socksaddr.sin_family = AF_INET;
204 socksaddr.sin_port = htons(socksport);
205 socksaddr.sin_addr.s_addr = htonl(sockshost);
206 if (connect(s, (struct sockaddr*)&socksaddr, sizeof(socksaddr))) {
207 log_sock_error("connecting to SOCKS host", s);
208 return -1;
209 }
210
211 if (version == 5) {
212 char method_buf[2];
213 if (write_all(s, "\x05\x01\x00", 3, 1) != 3) {
214 log_err(LD_NET, "Error sending SOCKS5 method list.");
215 return -1;
216 }
217 if (read_all(s, method_buf, 2, 1) != 2) {
218 log_err(LD_NET, "Error reading SOCKS5 methods.");
219 return -1;
220 }
221 if (method_buf[0] != '\x05') {
222 log_err(LD_NET, "Unrecognized socks version: %u",
223 (unsigned)method_buf[0]);
224 return -1;
225 }
226 if (method_buf[1] != '\x00') {
227 log_err(LD_NET, "Unrecognized socks authentication method: %u",
228 (unsigned)method_buf[1]);
229 return -1;
230 }
231 }
232
233 if ((len = build_socks_resolve_request(&req, "", hostname, reverse,
234 version))<0) {
235 log_err(LD_BUG,"Error generating SOCKS request");
236 tor_assert(!req);
237 return -1;
238 }
239 if (write_all(s, req, len, 1) != len) {
240 log_sock_error("sending SOCKS request", s);
241 tor_free(req);
242 return -1;
243 }
244 tor_free(req);
245
246 if (version == 4) {
247 char reply_buf[RESPONSE_LEN_4];
248 if (read_all(s, reply_buf, RESPONSE_LEN_4, 1) != RESPONSE_LEN_4) {
249 log_err(LD_NET, "Error reading SOCKS4 response.");
250 return -1;
251 }
252 if (parse_socks4a_resolve_response(hostname,
253 reply_buf, RESPONSE_LEN_4,
254 result_addr)<0){
255 return -1;
256 }
257 } else {
258 char reply_buf[4];
259 if (read_all(s, reply_buf, 4, 1) != 4) {
260 log_err(LD_NET, "Error reading SOCKS5 response.");
261 return -1;
262 }
263 if (reply_buf[0] != 5) {
264 log_err(LD_NET, "Bad SOCKS5 reply version.");
265 return -1;
266 }
267 /* Give a user some useful feedback about SOCKS5 errors */
268 if (reply_buf[1] != 0) {
269 log_warn(LD_NET,"Got SOCKS5 status response '%u': %s",
270 (unsigned)reply_buf[1],
271 socks5_reason_to_string(reply_buf[1]));
272 if (reply_buf[1] == 4 && !strcasecmpend(hostname, ".onion")) {
273 log_warn(LD_NET,
274 "%s is a hidden service; those don't have IP addresses. "
275 "To connect to a hidden service, you need to send the hostname "
276 "to Tor; we suggest an application that uses SOCKS 4a.",
277 hostname);
278 }
279 return -1;
280 }
281 if (reply_buf[3] == 1) {
282 /* IPv4 address */
283 if (read_all(s, reply_buf, 4, 1) != 4) {
284 log_err(LD_NET, "Error reading address in socks5 response.");
285 return -1;
286 }
287 *result_addr = ntohl(get_uint32(reply_buf));
288 } else if (reply_buf[3] == 3) {
289 size_t result_len;
290 if (read_all(s, reply_buf, 1, 1) != 1) {
291 log_err(LD_NET, "Error reading address_length in socks5 response.");
292 return -1;
293 }
294 result_len = *(uint8_t*)(reply_buf);
295 *result_hostname = tor_malloc(result_len+1);
296 if (read_all(s, *result_hostname, result_len, 1) != (int) result_len) {
297 log_err(LD_NET, "Error reading hostname in socks5 response.");
298 return -1;
299 }
300 (*result_hostname)[result_len] = '\0';
301 }
302 }
303
304 return 0;
305 }
306
307 /** Print a usage message and exit. */
308 static void
309 usage(void)
310 {
311 puts("Syntax: tor-resolve [-4] [-v] [-x] [-F] [-p port] "
312 "hostname [sockshost:socksport]");
313 exit(1);
314 }
315
316 /** Entry point to tor-resolve */
317 int
318 main(int argc, char **argv)
319 {
320 uint32_t sockshost;
321 uint16_t socksport = 0, port_option = 0;
322 int isSocks4 = 0, isVerbose = 0, isReverse = 0, force = 0;
323 char **arg;
324 int n_args;
325 struct in_addr a;
326 uint32_t result = 0;
327 char *result_hostname = NULL;
328 char buf[INET_NTOA_BUF_LEN];
329 log_severity_list_t *s = tor_malloc_zero(sizeof(log_severity_list_t));
330
331 init_logging();
332
333 arg = &argv[1];
334 n_args = argc-1;
335
336 if (!n_args)
337 usage();
338
339 if (!strcmp(arg[0],"--version")) {
340 printf("Tor version %s.\n",VERSION);
341 return 0;
342 }
343 while (n_args && *arg[0] == '-') {
344 if (!strcmp("-v", arg[0]))
345 isVerbose = 1;
346 else if (!strcmp("-4", arg[0]))
347 isSocks4 = 1;
348 else if (!strcmp("-5", arg[0]))
349 isSocks4 = 0;
350 else if (!strcmp("-x", arg[0]))
351 isReverse = 1;
352 else if (!strcmp("-F", arg[0]))
353 force = 1;
354 else if (!strcmp("-p", arg[0])) {
355 int p;
356 if (n_args < 2) {
357 fprintf(stderr, "No arguments given to -p\n");
358 usage();
359 }
360 p = atoi(arg[1]);
361 if (p<1 || p > 65535) {
362 fprintf(stderr, "-p requires a number between 1 and 65535\n");
363 usage();
364 }
365 port_option = (uint16_t) p;
366 ++arg; /* skip the port */
367 --n_args;
368 } else {
369 fprintf(stderr, "Unrecognized flag '%s'\n", arg[0]);
370 usage();
371 }
372 ++arg;
373 --n_args;
374 }
375
376 if (isSocks4 && isReverse) {
377 fprintf(stderr, "Reverse lookups not supported with SOCKS4a\n");
378 usage();
379 }
380
381 if (isVerbose)
382 set_log_severity_config(LOG_DEBUG, LOG_ERR, s);
383 else
384 set_log_severity_config(LOG_WARN, LOG_ERR, s);
385 add_stream_log(s, "<stderr>", fileno(stderr));
386
387 if (n_args == 1) {
388 log_debug(LD_CONFIG, "defaulting to localhost");
389 sockshost = 0x7f000001u; /* localhost */
390 if (port_option) {
391 log_debug(LD_CONFIG, "Using port %d", (int)port_option);
392 socksport = port_option;
393 } else {
394 log_debug(LD_CONFIG, "defaulting to port 9050");
395 socksport = 9050; /* 9050 */
396 }
397 } else if (n_args == 2) {
398 if (parse_addr_port(LOG_WARN, arg[1], NULL, &sockshost, &socksport)<0) {
399 fprintf(stderr, "Couldn't parse/resolve address %s", arg[1]);
400 return 1;
401 }
402 if (socksport && port_option && socksport != port_option) {
403 log_warn(LD_CONFIG, "Conflicting ports; using %d, not %d",
404 (int)socksport, (int)port_option);
405 } else if (port_option) {
406 socksport = port_option;
407 } else if (!socksport) {
408 log_debug(LD_CONFIG, "defaulting to port 9050");
409 socksport = 9050;
410 }
411 } else {
412 usage();
413 }
414
415 if (network_init()<0) {
416 log_err(LD_BUG,"Error initializing network; exiting.");
417 return 1;
418 }
419
420 if (do_resolve(arg[0], sockshost, socksport, isReverse,
421 isSocks4 ? 4 : 5, &result,
422 &result_hostname))
423 return 1;
424
425 if (result_hostname) {
426 printf("%s\n", result_hostname);
427 } else {
428 a.s_addr = htonl(result);
429 tor_inet_ntoa(&a, buf, sizeof(buf));
430 printf("%s\n", buf);
431 }
432 return 0;
433 }
434