[git] Assuan - branch, master, updated. libassuan-2.4.1-4-g05ac2dc

by Werner Koch cvs at cvs.gnupg.org
Fri Nov 27 12:04:05 CET 2015 

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPC library used by GnuPG".

The branch, master has been updated
       via  05ac2dc5c77fa4b87e98508c1b15fd254806b1ce (commit)
      from  18ca1593c62d62bb72b4e7e14347cd221c187138 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 05ac2dc5c77fa4b87e98508c1b15fd254806b1ce
Author: Werner Koch <wk at gnupg.org>
Date:   Fri Nov 27 11:54:52 2015 +0100

    New feature to test for SOCKS5 proxy availability.
    
    * src/assuan-socket.c (socks5_connect): Add special treatment for
    empty hostnames.
    (_assuan_sock_connect_byname): Add feature to test for proxy
    availibility.
    * tests/socks5.c (main): Add option --have-proxy.
    
    Signed-off-by: Werner Koch <wk at gnupg.org>

diff --git a/NEWS b/NEWS
index 7168207..a7e4237 100644
--- a/NEWS
+++ b/NEWS
@@ -4,6 +4,9 @@ Noteworthy changes in version 2.4.2 (unreleased) [C7/A7/R_]
  * The nPth version of the connect system hook does now wrap the call
    with npth_unprotec/npth_protect to avoid blocking during a connect.
 
+ * Add feature to assuan_sock_connect_byname to test for SOCKS5
+   availability.
+
 
 Noteworthy changes in version 2.4.1 (2015-11-23) [C7/A7/R1]
 ------------------------------------------------
diff --git a/doc/assuan.texi b/doc/assuan.texi
index 131ffc1..aae3de7 100644
--- a/doc/assuan.texi
+++ b/doc/assuan.texi
@@ -1995,7 +1995,12 @@ current implementation requires that @var{flags} has either
 new TCP STREAM socket is returned; on error @code{ASSUAN_INVALID_FD}
 and ERRNO set.  If @var{credentials} is not @code{NULL}, it is a
 string used for password based SOCKS authentication.  Username and
-password are separated by a colon. @var{reserved} should be 0.
+password are separated by a colon. @var{reserved} should be 0.  To
+test whether the proxy is available @var{host} and @var{port} may be
+given as NULL/0:  If the proxy is available the function returns a
+valid socket which is in the state after credentials sub-negotiation.
+The caller now knows that the SOCKS proxy is available and has been
+authenticated; normally the caller closes the socket then.
 @end deftypefun
 
 
diff --git a/src/assuan-socket.c b/src/assuan-socket.c
index bb0e610..d5e4ee4 100644
--- a/src/assuan-socket.c
+++ b/src/assuan-socket.c
@@ -814,6 +814,13 @@ socks5_connect (assuan_context_t ctx, assuan_fd_t sock,
         }
     }
 
+  if (hostname && !*hostname && !hostport)
+    {
+      /* Empty hostname given.  Stop right here to allow the caller to
+         do the actual proxy request.  */
+      return 0;
+    }
+
   /* Send request details (rfc-1928, 4).  */
   buffer[0] = 5; /* VER  */
   buffer[1] = 1; /* CMD = CONNECT  */
@@ -1059,11 +1066,13 @@ _assuan_sock_connect (assuan_context_t ctx, assuan_fd_t sockfd,
 
 /* Connect to HOST specified as host name on PORT.  The current
    implementation requires that either the flags ASSUAN_SOCK_SOCKS or
-   ASSUAN_SOCK_TOR are give in FLAGS.  On success a new socket is
+   ASSUAN_SOCK_TOR are given in FLAGS.  On success a new socket is
    returned; on error ASSUAN_INVALID_FD is returned and ERRNO set.  If
    CREDENTIALS is not NULL, it is a string used for password based
-   authentication.  Username and password are separated by a
-   colon.  RESERVED must be 0. */
+   authentication.  Username and password are separated by a colon.
+   RESERVED must be 0.  By passing HOST and PORT as 0 the function can
+   be used to check for proxy availability: If the proxy is available
+   a socket will be returned which the caller should then close.  */
 assuan_fd_t
 _assuan_sock_connect_byname (assuan_context_t ctx, const char *host,
                              unsigned short port, int reserved,
@@ -1082,12 +1091,23 @@ _assuan_sock_connect_byname (assuan_context_t ctx, const char *host,
       return ASSUAN_INVALID_FD;
     }
 
+  if (host && !*host)
+    {
+      /* Error out early on an empty host name.  See below.  */
+      gpg_err_set_errno (EINVAL);
+      return ASSUAN_INVALID_FD;
+    }
+
   fd = _assuan_sock_new (ctx, AF_INET, SOCK_STREAM, 0);
   if (fd == ASSUAN_INVALID_FD)
     return fd;
 
+  /* For HOST being NULL we pass an empty string which indicates to
+     socks5_connect to stop midway during the proxy negotiation.  Note
+     that we can't pass NULL directly as this indicates IP address
+     mode to the called function.  */
   if (socks5_connect (ctx, fd, socksport,
-                      credentials, host, port, NULL, 0))
+                      credentials, host? host:"", port, NULL, 0))
     {
       int save_errno = errno;
       assuan_sock_close (fd);
diff --git a/tests/socks5.c b/tests/socks5.c
index 7ab0438..b3754b8 100644
--- a/tests/socks5.c
+++ b/tests/socks5.c
@@ -53,6 +53,7 @@ main (int argc, char **argv)
   int only_v6 = 0;
   int only_v4 = 0;
   int use_tor = 0;
+  int opt_have_proxy = 0;
   int disable_socks = 0;
   int opt_byname = 0;
   const char *user = NULL;
@@ -87,6 +88,7 @@ main (int argc, char **argv)
                 "  --inet6-only     Use only IPv6\n"
                 "  --inet4-only     Use only IPv4\n"
                 "  --disable-socks  Connect w/o SOCKS\n"
+                "  --have-proxy     Check whether the proxy is available\n"
                 "  --byname         Use assuan_sock_connect_byname\n"
                 "  --user STRING    Use STRING as user for authentication\n"
                 "  --pass STRING    Use STRING as password for authentication\n"
@@ -128,6 +130,11 @@ main (int argc, char **argv)
           opt_byname = 1;
           argc--; argv++;
         }
+      else if (!strcmp (*argv, "--have-proxy"))
+        {
+          opt_have_proxy = 1;
+          argc--; argv++;
+        }
       else if (!strcmp (*argv, "--user"))
         {
           argc--; argv++;
@@ -153,7 +160,7 @@ main (int argc, char **argv)
         }
     }
 
-  if (argc != 2)
+  if (argc != 2 && !opt_have_proxy)
     {
       fputs ("usage: socks5 HOST PORT\n", stderr);
       exit (1);
@@ -175,7 +182,30 @@ main (int argc, char **argv)
                  use_tor? "TOR": "SOCKS", gpg_strerror (err));
     }
 
-  if (opt_byname)
+  if (opt_have_proxy)
+    {
+      char *cred;
+
+      if (user || pass)
+        cred = xstrconcat (user?user:"", ":", pass, NULL);
+      else
+        cred = NULL;
+
+      sock = assuan_sock_connect_byname
+        (NULL, 0, 0, cred, use_tor? ASSUAN_SOCK_TOR : ASSUAN_SOCK_SOCKS);
+      if (sock == ASSUAN_INVALID_FD)
+        {
+          err = gpg_error_from_syserror ();
+          log_error ("SOCKS proxy is not available (%s)\n", gpg_strerror (err));
+          exit (1);
+        }
+      xfree (cred);
+      assuan_sock_close (sock);
+      if (verbose)
+        log_info ("SOCKS proxy available\n");
+      exit (0);
+    }
+  else if (opt_byname)
     {
       unsigned short port;
       char *cred;

-----------------------------------------------------------------------

Summary of changes:
 NEWS                |  3 +++
 doc/assuan.texi     |  7 ++++++-
 src/assuan-socket.c | 28 ++++++++++++++++++++++++----
 tests/socks5.c      | 34 ++++++++++++++++++++++++++++++++--
 4 files changed, 65 insertions(+), 7 deletions(-)


hooks/post-receive
-- 
IPC library used by GnuPG
http://git.gnupg.org

More information about the Gnupg-commits mailing list