1. /*

  2.  * @(#)SocksSocketImpl.java	1.8 03/01/23

  3.  *

  4.  * Copyright 2003 Sun Microsystems, Inc. All rights reserved.

  5.  * SUN PROPRIETARY/CONFIDENTIAL. Use is subject to license terms.

  6.  */

  7. package java.net;

  8. import java.io.IOException;

  9. import java.io.InputStream;

  10. import java.io.OutputStream;

  11. import java.io.DataOutputStream;

  12. import java.io.BufferedReader;

  13. import java.io.InputStreamReader;

  14. import java.security.AccessController;

  15. import java.security.PrivilegedExceptionAction;

  16. import java.util.prefs.Preferences;

  17. /* import org.ietf.jgss.*; */

  18. 

  19. /**

  20.  * SOCKS (V4 & V5) TCP socket implementation (RFC 1928).

  21.  * This is a subclass of PlainSocketImpl.

  22.  * Note this class should <b>NOT</b> be public.

  23.  */

  24. 

  25. class SocksSocketImpl extends PlainSocketImpl implements SocksConsts {

  26.     private String server = null;

  27.     private int port = DEFAULT_PORT;

  28.     private InetSocketAddress external_address;

  29.     private boolean useV4 = false;

  30.     private Socket cmdsock = null;

  31.     private InputStream cmdIn = null;

  32.     private OutputStream cmdOut = null;

  33. 

  34.     SocksSocketImpl(String server, int port) {

  35. 	this.server = server;

  36. 	this.port = (port == -1 ? DEFAULT_PORT : port);

  37.     }

  38. 

  39.     void setV4() {

  40. 	useV4 = true;

  41.     }

  42. 

  43.     private synchronized void privilegedConnect(final String host,

  44. 					      final int port,

  45. 					      final int timeout)

  46.  	 throws IOException

  47.     {

  48.  	try {

  49.  	    AccessController.doPrivileged(

  50. 		  new java.security.PrivilegedExceptionAction() {

  51. 			  public Object run() throws IOException {

  52. 			      superConnectServer(host, port, timeout);

  53. 			      cmdIn = getInputStream();

  54. 			      cmdOut = getOutputStream();

  55. 			      return null;

  56. 			  }

  57. 		      });

  58.  	} catch (java.security.PrivilegedActionException pae) {

  59.  	    throw (IOException) pae.getException();

  60.  	}

  61.     }

  62. 

  63.     private void superConnectServer(String host, int port,

  64. 				    int timeout) throws IOException {

  65. 	super.connect(new InetSocketAddress(host, port), timeout);

  66.     }

  67. 

  68.     private int readSocksReply(InputStream in, byte[] data) throws IOException {

  69. 	int len = data.length;

  70. 	int received = 0;

  71. 	for (int attempts = 0; received < len && attempts < 3; attempts++) {

  72. 	    int count = in.read(data, received, len - received);

  73. 	    if (count < 0)

  74. 		throw new SocketException("Malformed reply from SOCKS server");

  75. 	    received += count;

  76. 	}

  77. 	return received;

  78.     }

  79. 

  80.     /**

  81.      * Provides the authentication machanism required by the proxy.

  82.      */

  83.     private boolean authenticate(byte method, InputStream in, 

  84. 				 DataOutputStream out) throws IOException {

  85. 	byte[] data = null;

  86. 	int i;

  87. 	// No Authentication required. We're done then!

  88. 	if (method == NO_AUTH)

  89. 	    return true;

  90. 	/**

  91. 	 * User/Password authentication. Try, in that order :

  92. 	 * - The application provided Authenticator, if any

  93. 	 * - The user preferences java.net.socks.username & 

  94. 	 *   java.net.socks.password

  95. 	 * - the user.name & no password (backward compatibility behavior).

  96. 	 */

  97. 	if (method == USER_PASSW) {

  98. 	    String userName;

  99. 	    String password = null;

  100. 	    final InetAddress addr = InetAddress.getByName(server);

  101. 	    PasswordAuthentication pw = (PasswordAuthentication)

  102. 		java.security.AccessController.doPrivileged(

  103. 		    new java.security.PrivilegedAction() {

  104. 			    public Object run() {

  105. 				return Authenticator.requestPasswordAuthentication(

  106.                                        server, addr, port, "SOCKS5", "SOCKS authentication", null);

  107. 			    }

  108. 			});

  109. 	    if (pw != null) {

  110. 		userName = pw.getUserName();

  111. 		password = new String(pw.getPassword());

  112. 	    } else {

  113. 		final Preferences prefs = Preferences.userRoot().node("/java/net/socks");

  114. 		try {

  115. 		    userName = 

  116. 			(String) AccessController.doPrivileged(

  117. 			       new java.security.PrivilegedExceptionAction() {

  118. 				       public Object run() throws IOException {

  119. 					   return prefs.get("username", null);

  120. 				       }

  121. 				   });

  122. 		} catch (java.security.PrivilegedActionException pae) {

  123. 		    throw (IOException) pae.getException();

  124. 		}

  125. 

  126. 		if (userName != null) {

  127. 		    try {

  128. 			password = 

  129. 			    (String) AccessController.doPrivileged(

  130. 				   new java.security.PrivilegedExceptionAction() {

  131. 					   public Object run() throws IOException {

  132. 					       return prefs.get("password", null);

  133. 					   }

  134. 				       });

  135. 		    } catch (java.security.PrivilegedActionException pae) {

  136. 			throw (IOException) pae.getException();

  137. 		    }

  138. 		} else {

  139. 		    userName = 

  140. 			(String) java.security.AccessController.doPrivileged(

  141. 									     new sun.security.action.GetPropertyAction("user.name"));

  142. 		}

  143. 	    }

  144. 	    if (userName == null)

  145. 		return false;

  146. 	    out.write(1);

  147. 	    out.write(userName.length());

  148. 	    out.write(userName.getBytes());

  149. 	    if (password != null) {

  150. 		out.write(password.length());

  151. 		out.write(password.getBytes());

  152. 	    } else

  153. 		out.write(0);

  154. 	    out.flush();

  155. 	    data = new byte[2];

  156. 	    i = readSocksReply(in, data);

  157. 	    if (i != 2 || data[1] != 0) {

  158. 		/* RFC 1929 specifies that the connection MUST be closed if

  159. 		   authentication fails */

  160. 		out.close();

  161. 		in.close();

  162. 		return false;

  163. 	    }

  164. 	    /* Authentication succeeded */

  165. 	    return true;

  166. 	}

  167. 	/**

  168. 	 * GSSAPI authentication mechanism.

  169. 	 * Unfortunately the RFC seems out of sync with the Reference

  170. 	 * implementation. I'll leave this in for future completion.

  171. 	 */

  172. // 	if (method == GSSAPI) {

  173. // 	    try {

  174. // 		GSSManager manager = GSSManager.getInstance();

  175. // 		GSSName name = manager.createName("SERVICE:socks@"+server,

  176. // 						     null);

  177. // 		GSSContext context = manager.createContext(name, null, null,

  178. // 							   GSSContext.DEFAULT_LIFETIME);

  179. // 		context.requestMutualAuth(true);

  180. // 		context.requestReplayDet(true);

  181. // 		context.requestSequenceDet(true);

  182. // 		context.requestCredDeleg(true);

  183. // 		byte []inToken = new byte[0];

  184. // 		while (!context.isEstablished()) {

  185. // 		    byte[] outToken 

  186. // 			= context.initSecContext(inToken, 0, inToken.length);

  187. // 		    // send the output token if generated

  188. // 		    if (outToken != null) {

  189. // 			out.write(1);

  190. // 			out.write(1);

  191. // 			out.writeShort(outToken.length);

  192. // 			out.write(outToken);

  193. // 			out.flush();

  194. // 			data = new byte[2];

  195. // 			i = readSocksReply(in, data);

  196. // 			if (i != 2 || data[1] == 0xff) {

  197. // 			    in.close();

  198. // 			    out.close();

  199. // 			    return false;

  200. // 			}

  201. // 			i = readSocksReply(in, data);

  202. // 			int len = 0;

  203. // 			len = ((int)data[0] & 0xff) << 8;

  204. // 			len += data[1];

  205. // 			data = new byte[len];

  206. // 			i = readSocksReply(in, data);

  207. // 			if (i == len)

  208. // 			    return true;

  209. // 			in.close();

  210. // 			out.close();

  211. // 		    }

  212. // 		}

  213. // 	    } catch (GSSException e) {

  214. // 		/* RFC 1961 states that if Context initialisation fails the connection

  215. // 		   MUST be closed */

  216. // 		e.printStackTrace();

  217. // 		in.close();

  218. // 		out.close();

  219. // 	    }

  220. // 	}

  221. 	return false;

  222.     }

  223. 

  224.     private void connectV4(InputStream in, OutputStream out,

  225. 			   InetSocketAddress endpoint) throws IOException {

  226. 	out.write(PROTO_VERS4);

  227. 	out.write(CONNECT);

  228. 	out.write((endpoint.getPort() >> 8) & 0xff);

  229. 	out.write((endpoint.getPort() >> 0) & 0xff);

  230. 	out.write(endpoint.getAddress().getAddress());

  231. 	String userName = (String) java.security.AccessController.doPrivileged(

  232.                new sun.security.action.GetPropertyAction("user.name"));

  233. 	out.write(userName.getBytes());

  234. 	out.write(0);

  235. 	out.flush();

  236. 	byte[] data = new byte[8];

  237. 	int n = readSocksReply(in, data);

  238. 	if (n != 8)

  239. 	    throw new SocketException("Reply from SOCKS server has bad length: " + n);

  240. 	if (data[0] != 0 && data[0] != 4) 

  241. 	    throw new SocketException("Reply from SOCKS server has bad version");

  242. 	SocketException ex = null;

  243. 	switch (data[1]) {

  244. 	case 90:

  245. 	    // Success!

  246. 	    external_address = endpoint;

  247. 	    break;

  248. 	case 91:

  249. 	    ex = new SocketException("SOCKS request rejected");

  250. 	    break;

  251. 	case 92:

  252. 	    ex = new SocketException("SOCKS server couldn't reach destination");

  253. 	    break;

  254. 	case 93:

  255. 	    ex = new SocketException("SOCKS authentication failed");

  256. 	    break;

  257. 	default:

  258. 	    ex = new SocketException("Replay from SOCKS server contains bad status");

  259. 	    break;

  260. 	}

  261. 	if (ex != null) {

  262. 	    in.close();

  263. 	    out.close();

  264. 	    throw ex;

  265. 	}

  266.     }

  267. 

  268.     /**

  269.      * Connects the Socks Socket to the specified endpoint. It will first

  270.      * connect to the SOCKS proxy and negotiate the access. If the proxy

  271.      * grants the connections, then the connect is successful and all

  272.      * further traffic will go to the "real" endpoint.

  273.      *

  274.      * @param	endpoint	the <code>SocketAddress</code> to connect to.

  275.      * @param	timeout		the timeout value in milliseconds

  276.      * @throws	IOException	if the connection can't be established.

  277.      * @throws	SecurityException if there is a security manager and it

  278.      *				doesn't allow the connection

  279.      * @throws  IllegalArgumentException if endpoint is null or a

  280.      *          SocketAddress subclass not supported by this socket

  281.      */

  282.     protected void connect(SocketAddress endpoint, int timeout) throws IOException {

  283. 	SecurityManager security = System.getSecurityManager();

  284. 	if (endpoint == null || !(endpoint instanceof InetSocketAddress))

  285. 	    throw new IllegalArgumentException("Unsupported address type");

  286. 	InetSocketAddress epoint = (InetSocketAddress) endpoint;

  287. 	if (security != null) {

  288. 	    if (epoint.isUnresolved())

  289. 		security.checkConnect(epoint.getHostName(),

  290. 				      epoint.getPort());

  291. 	    else

  292. 		security.checkConnect(epoint.getAddress().getHostAddress(),

  293. 				      epoint.getPort());

  294. 	}

  295. 

  296. 	// Connects to the SOCKS server

  297. 	

  298. 	try {

  299. 	    privilegedConnect(server, port, timeout);

  300. 	} catch (Exception e) {

  301. 	    throw new SocketException(e.getMessage());

  302. 	}

  303. 	// cmdIn & cmdOut were intialized during the privilegedConnect() call

  304. 	DataOutputStream out = new DataOutputStream(cmdOut);

  305. 	InputStream in = cmdIn;

  306. 	    

  307. 	if (useV4) {

  308. 	    // SOCKS Protocol version 4 doesn't know how to deal with 

  309. 	    // DOMAIN type of addresses (unresolved addresses here)

  310. 	    if (epoint.isUnresolved())

  311. 		throw new UnknownHostException(epoint.toString());

  312. 	    connectV4(in, out, epoint);

  313. 	    return;

  314. 	}

  315. 

  316. 	// This is SOCKS V5

  317. 	out.write(PROTO_VERS);

  318. 	out.write(2);

  319. 	out.write(NO_AUTH);

  320. 	out.write(USER_PASSW);

  321. 	out.flush();

  322. 	byte[] data = new byte[2];

  323. 	int i = readSocksReply(in, data);

  324. 	if (i != 2 || ((int)data[1]) == NO_METHODS)

  325. 	    throw new SocketException("SOCKS : No acceptable methods");

  326. 	if (!authenticate(data[1], in, out)) {

  327. 	    throw new SocketException("SOCKS : authentication failed");

  328. 	}

  329. 	out.write(PROTO_VERS);

  330. 	out.write(CONNECT);

  331. 	out.write(0);

  332. 	/* Test for IPV4/IPV6/Unresolved */

  333. 	if (epoint.isUnresolved()) {

  334. 	    out.write(DOMAIN_NAME);

  335. 	    out.write(epoint.getHostName().length());

  336. 	    out.write(epoint.getHostName().getBytes());

  337. 	    out.write((epoint.getPort() >> 8) & 0xff);

  338. 	    out.write((epoint.getPort() >> 0) & 0xff);

  339. 	} else if (epoint.getAddress() instanceof Inet6Address) {

  340. 	    out.write(IPV6);

  341. 	    out.write(epoint.getAddress().getAddress());

  342. 	    out.write((epoint.getPort() >> 8) & 0xff);

  343. 	    out.write((epoint.getPort() >> 0) & 0xff);

  344. 	} else {

  345. 	    out.write(IPV4);

  346. 	    out.write(epoint.getAddress().getAddress());

  347. 	    out.write((epoint.getPort() >> 8) & 0xff);

  348. 	    out.write((epoint.getPort() >> 0) & 0xff);

  349. 	}

  350. 	out.flush();

  351. 	data = new byte[4];

  352. 	i = readSocksReply(in, data);

  353. 	if (i != 4)

  354. 	    throw new SocketException("Reply from SOCKS server has bad length");

  355. 	SocketException ex = null;

  356. 	int nport, len;

  357. 	byte[] addr;

  358. 	switch (data[1]) {

  359. 	case REQUEST_OK:

  360. 	    // success!

  361. 	    switch(data[3]) {

  362. 	    case IPV4:

  363. 		addr = new byte[4];

  364. 		i = readSocksReply(in, addr);

  365. 		if (i != 4)

  366. 		    throw new SocketException("Reply from SOCKS server badly formatted");

  367. 		data = new byte[2];

  368. 		i = readSocksReply(in, data);

  369. 		if (i != 2)

  370. 		    throw new SocketException("Reply from SOCKS server badly formatted");

  371. 		nport = ((int)data[0] & 0xff) << 8;

  372. 		nport += ((int)data[1] & 0xff);

  373. 		break;

  374. 	    case DOMAIN_NAME:

  375. 		len = data[1];

  376. 		byte[] host = new byte[len];

  377. 		i = readSocksReply(in, host);

  378. 		if (i != len)

  379. 		    throw new SocketException("Reply from SOCKS server badly formatted");

  380. 		data = new byte[2];

  381. 		i = readSocksReply(in, data);

  382. 		if (i != 2)

  383. 		    throw new SocketException("Reply from SOCKS server badly formatted");

  384. 		nport = ((int)data[0] & 0xff) << 8;

  385. 		nport += ((int)data[1] & 0xff);

  386. 		break;

  387. 	    case IPV6:

  388. 		len = data[1];

  389. 		addr = new byte[len];

  390. 		i = readSocksReply(in, addr);

  391. 		if (i != len)

  392. 		    throw new SocketException("Reply from SOCKS server badly formatted");

  393. 		data = new byte[2];

  394. 		i = readSocksReply(in, data);

  395. 		if (i != 2)

  396. 		    throw new SocketException("Reply from SOCKS server badly formatted");

  397. 		nport = ((int)data[0] & 0xff) << 8;

  398. 		nport += ((int)data[1] & 0xff);

  399. 		break;

  400. 	    default:

  401. 		ex = new SocketException("Reply from SOCKS server contains wrong code");

  402. 		break;

  403. 	    }

  404. 	    break;

  405. 	case GENERAL_FAILURE:

  406. 	    ex = new SocketException("SOCKS server general failure");

  407. 	    break;

  408. 	case NOT_ALLOWED:

  409. 	    ex = new SocketException("SOCKS: Connection not allowed by ruleset");

  410. 	    break;

  411. 	case NET_UNREACHABLE:

  412. 	    ex = new SocketException("SOCKS: Network unreachable");

  413. 	    break;

  414. 	case HOST_UNREACHABLE:

  415. 	    ex = new SocketException("SOCKS: Host unreachable");

  416. 	    break;

  417. 	case CONN_REFUSED:

  418. 	    ex = new SocketException("SOCKS: Connection refused");

  419. 	    break;

  420. 	case TTL_EXPIRED:

  421. 	    ex =  new SocketException("SOCKS: TTL expired");

  422. 	    break;

  423. 	case CMD_NOT_SUPPORTED:

  424. 	    ex = new SocketException("SOCKS: Command not supported");

  425. 	    break;

  426. 	case ADDR_TYPE_NOT_SUP:

  427. 	    ex = new SocketException("SOCKS: address type not supported");

  428. 	    break;

  429. 	}

  430. 	if (ex != null) {

  431. 	    in.close();

  432. 	    out.close();

  433. 	    throw ex;

  434. 	}

  435. 	external_address = epoint;

  436.     }

  437. 

  438.     private void bindV4(InputStream in, OutputStream out,

  439. 			InetAddress baddr,

  440. 			int lport) throws IOException {

  441. 	super.bind(baddr, lport);

  442. 	/* FIXME Test for IPV4/IPV6 */

  443. 	byte[] addr1 = baddr.getAddress();

  444. 	/* Test for AnyLocal */

  445. 	InetAddress naddr = baddr;

  446. 	if (naddr.isAnyLocalAddress()) {

  447. 	    naddr = cmdsock.getLocalAddress();

  448. 	    addr1 = naddr.getAddress();

  449. 	}

  450. 	out.write(PROTO_VERS4);

  451. 	out.write(BIND);

  452. 	out.write((super.getLocalPort() >> 8) & 0xff);

  453. 	out.write((super.getLocalPort() >> 0) & 0xff);

  454. 	out.write(addr1);

  455. 	String userName = (String) java.security.AccessController.doPrivileged(

  456.                new sun.security.action.GetPropertyAction("user.name"));

  457. 	out.write(userName.getBytes());

  458. 	out.write(0);

  459. 	out.flush();

  460. 	byte[] data = new byte[8];

  461. 	int n = readSocksReply(in, data);

  462. 	if (n != 8)

  463. 	    throw new SocketException("Reply from SOCKS server has bad length: " + n);

  464. 	if (data[0] != 0 && data[0] != 4)

  465. 	    throw new SocketException("Reply from SOCKS server has bad version");

  466. 	SocketException ex = null;

  467. 	switch (data[1]) {

  468. 	case 90:

  469. 	    // Success!

  470. 	    external_address = new InetSocketAddress(baddr, lport);

  471. 	    break;

  472. 	case 91:

  473. 	    ex = new SocketException("SOCKS request rejected");

  474. 	    break;

  475. 	case 92:

  476. 	    ex = new SocketException("SOCKS server couldn't reach destination");

  477. 	    break;

  478. 	case 93:

  479. 	    ex = new SocketException("SOCKS authentication failed");

  480. 	    break;

  481. 	default:

  482. 	    ex = new SocketException("Replay from SOCKS server contains bad status");

  483. 	    break;

  484. 	}

  485. 	if (ex != null) {

  486. 	    in.close();

  487. 	    out.close();

  488. 	    throw ex;

  489. 	}

  490. 	

  491.     }

  492. 

  493.     /**

  494.      * Binds this socket to the specified port number on the specified host. 

  495.      *

  496.      * @param      baddr   the IP address of the remote host.

  497.      * @param      lport   the port number.

  498.      * @exception  IOException  if an I/O error occurs when binding this socket.

  499.      */

  500.     protected synchronized void bind(InetAddress baddr, int lport) throws IOException {

  501. 	if (socket != null) {

  502. 	    // this is a client socket, not a server socket, don't

  503. 	    // call the SOCKS proxy for a bind!

  504. 	    super.bind(baddr, lport);

  505. 	    return;

  506. 	}

  507. 

  508. 	// Connects to the SOCKS server

  509. 	

  510. 	try {

  511. 	    AccessController.doPrivileged(new PrivilegedExceptionAction() {

  512. 		    public Object run() throws Exception {

  513. 			cmdsock = new Socket(new PlainSocketImpl());

  514. 			cmdsock.connect(new InetSocketAddress(server, port));

  515. 			cmdIn = cmdsock.getInputStream();

  516. 			cmdOut = cmdsock.getOutputStream();

  517. 			return null;

  518. 		    }

  519. 		});

  520. 	} catch (Exception e) {

  521. 	    throw new SocketException(e.getMessage());

  522. 	}

  523. 	DataOutputStream out = new DataOutputStream(cmdOut);

  524. 	InputStream in = cmdIn;

  525. 	if (useV4) {

  526. 	    bindV4(in, out, baddr, lport);

  527. 	    return;

  528. 	}

  529. 	out.write(PROTO_VERS);

  530. 	out.write(2);

  531. 	out.write(NO_AUTH);

  532. 	out.write(USER_PASSW);

  533. 	out.flush();

  534. 	byte[] data = new byte[2];

  535. 	int i = readSocksReply(in, data);

  536. 	if (i != 2 || ((int)data[1]) == NO_METHODS)

  537. 	    throw new SocketException("SOCKS : No acceptable methods");

  538. 	if (!authenticate(data[1], in, out)) {

  539. 	    throw new SocketException("SOCKS : authentication failed");

  540. 	}

  541. 	// We're OK. Let's issue the BIND command after we've bound ourself localy

  542. 	super.bind(baddr, lport);

  543. 	out.write(PROTO_VERS);

  544. 	out.write(BIND);

  545. 	out.write(0);

  546. 	InetAddress naddr = baddr;

  547. 	if (naddr.isAnyLocalAddress())

  548. 	    naddr = cmdsock.getLocalAddress();

  549. 	byte[] addr1 = naddr.getAddress();

  550. 	if (naddr.family == InetAddress.IPv4) {

  551. 	    out.write(IPV4);

  552. 	    out.write(addr1);

  553. 	    out.write((super.getLocalPort() >> 8) & 0xff);

  554. 	    out.write((super.getLocalPort() >> 0) & 0xff);

  555. 	    out.flush();

  556. 	} else if (naddr.family == InetAddress.IPv6) {

  557. 	    /* Test for AnyLocal */

  558. 	    out.write(IPV6);

  559. 	    out.write(addr1);

  560. 	    out.write((super.getLocalPort() >> 8) & 0xff);

  561. 	    out.write((super.getLocalPort() >> 0) & 0xff);

  562. 	    out.flush();

  563. 	} else {

  564. 	    cmdsock.close();

  565. 	    throw new SocketException("unsupported address type : " + naddr);

  566. 	}

  567. 	data = new byte[4];

  568. 	i = readSocksReply(in, data);

  569. 	SocketException ex = null;

  570. 	int len, nport;

  571. 	byte[] addr;

  572. 	switch (data[1]) {

  573. 	case REQUEST_OK:

  574. 	    // success!

  575. 	    InetSocketAddress real_end = null;

  576. 	    switch(data[3]) {

  577. 	    case IPV4:

  578. 		addr = new byte[4];

  579. 		i = readSocksReply(in, addr);

  580. 		if (i != 4)

  581. 		    throw new SocketException("Reply from SOCKS server badly formatted");

  582. 		data = new byte[2];

  583. 		i = readSocksReply(in, data);

  584. 		if (i != 2)

  585. 		    throw new SocketException("Reply from SOCKS server badly formatted");

  586. 		nport = ((int)data[0] & 0xff) << 8;

  587. 		nport += ((int)data[1] & 0xff);

  588. 		external_address =

  589. 		    new InetSocketAddress(new Inet4Address("", addr) , nport);

  590. 		break;

  591. 	    case DOMAIN_NAME:

  592. 		len = data[1];

  593. 		byte[] host = new byte[len];

  594. 		i = readSocksReply(in, host);

  595. 		if (i != len)

  596. 		    throw new SocketException("Reply from SOCKS server badly formatted");

  597. 		data = new byte[2];

  598. 		i = readSocksReply(in, data);

  599. 		if (i != 2)

  600. 		    throw new SocketException("Reply from SOCKS server badly formatted");

  601. 		nport = ((int)data[0] & 0xff) << 8;

  602. 		nport += ((int)data[1] & 0xff);

  603. 		external_address = new InetSocketAddress(new String(host), nport);

  604. 		break;

  605. 	    case IPV6:

  606. 		len = data[1];

  607. 		addr = new byte[len];

  608. 		i = readSocksReply(in, addr);

  609. 		if (i != len)

  610. 		    throw new SocketException("Reply from SOCKS server badly formatted");

  611. 		data = new byte[2];

  612. 		i = readSocksReply(in, data);

  613. 		if (i != 2)

  614. 		    throw new SocketException("Reply from SOCKS server badly formatted");

  615. 		nport = ((int)data[0] & 0xff) << 8;

  616. 		nport += ((int)data[1] & 0xff);

  617. 		external_address = 

  618. 		    new InetSocketAddress(new Inet6Address("", addr), nport);

  619. 		break;

  620. 	    }

  621. 	    break;

  622. 	case GENERAL_FAILURE:

  623. 	    ex = new SocketException("SOCKS server general failure");

  624. 	    break;

  625. 	case NOT_ALLOWED:

  626. 	    ex = new SocketException("SOCKS: Bind not allowed by ruleset");

  627. 	    break;

  628. 	case NET_UNREACHABLE:

  629. 	    ex = new SocketException("SOCKS: Network unreachable");

  630. 	    break;

  631. 	case HOST_UNREACHABLE:

  632. 	    ex = new SocketException("SOCKS: Host unreachable");

  633. 	    break;

  634. 	case CONN_REFUSED:

  635. 	    ex = new SocketException("SOCKS: Connection refused");

  636. 	    break;

  637. 	case TTL_EXPIRED:

  638. 	    ex =  new SocketException("SOCKS: TTL expired");

  639. 	    break;

  640. 	case CMD_NOT_SUPPORTED:

  641. 	    ex = new SocketException("SOCKS: Command not supported");

  642. 	    break;

  643. 	case ADDR_TYPE_NOT_SUP:

  644. 	    ex = new SocketException("SOCKS: address type not supported");

  645. 	    break;

  646. 	}

  647. 	if (ex != null) {

  648. 	    in.close();

  649. 	    out.close();

  650. 	    cmdsock.close();

  651. 	    cmdsock = null;

  652. 	    throw ex;

  653. 	}

  654. 	cmdIn = in;

  655. 	cmdOut = out;

  656.     }

  657. 

  658.     /**

  659.      * Accepts a connection. 

  660.      *

  661.      * @param      s   the accepted connection.

  662.      * @exception  IOException  if an I/O error occurs when accepting the

  663.      *               connection.

  664.      */

  665.     protected void accept(SocketImpl s) throws IOException {

  666. 	if (cmdsock == null)

  667. 	    throw new SocketException("Socks channel closed");

  668. 	InputStream in = cmdIn;

  669. 	in.read();

  670. 	int i = in.read();

  671. 	in.read();

  672. 	SocketException ex = null;

  673. 	int nport;

  674. 	byte[] addr;

  675. 	InetSocketAddress real_end = null;

  676. 	switch (i) {

  677. 	case REQUEST_OK:

  678. 	    // success!

  679. 	    i = in.read();

  680. 	    switch(i) {

  681. 	    case IPV4:

  682. 		addr = new byte[4];

  683. 		readSocksReply(in, addr);

  684. 		nport = in.read() << 8;

  685. 		nport += in.read();

  686. 		real_end = 

  687. 		    new InetSocketAddress(new Inet4Address("", addr) , nport);

  688. 		break;

  689. 	    case DOMAIN_NAME:

  690. 		int len = in.read();

  691. 		addr = new byte[len];

  692. 		readSocksReply(in, addr);

  693. 		nport = in.read() << 8;

  694. 		nport += in.read();

  695. 		real_end = new InetSocketAddress(new String(addr), nport);

  696. 		break;

  697. 	    case IPV6:

  698. 		addr = new byte[16];

  699. 		readSocksReply(in, addr);

  700. 		nport = in.read() << 8;

  701. 		nport += in.read();

  702. 		real_end = 

  703. 		    new InetSocketAddress(new Inet6Address("", addr), nport);

  704. 		break;

  705. 	    }

  706. 	    break;

  707. 	case GENERAL_FAILURE:

  708. 	    ex = new SocketException("SOCKS server general failure");

  709. 	    break;

  710. 	case NOT_ALLOWED:

  711. 	    ex = new SocketException("SOCKS: Accept not allowed by ruleset");

  712. 	    break;

  713. 	case NET_UNREACHABLE:

  714. 	    ex = new SocketException("SOCKS: Network unreachable");

  715. 	    break;

  716. 	case HOST_UNREACHABLE:

  717. 	    ex = new SocketException("SOCKS: Host unreachable");

  718. 	    break;

  719. 	case CONN_REFUSED:

  720. 	    ex = new SocketException("SOCKS: Connection refused");

  721. 	    break;

  722. 	case TTL_EXPIRED:

  723. 	    ex =  new SocketException("SOCKS: TTL expired");

  724. 	    break;

  725. 	case CMD_NOT_SUPPORTED:

  726. 	    ex = new SocketException("SOCKS: Command not supported");

  727. 	    break;

  728. 	case ADDR_TYPE_NOT_SUP:

  729. 	    ex = new SocketException("SOCKS: address type not supported");

  730. 	    break;

  731. 	}

  732. 	if (ex != null) {

  733. 	    cmdIn.close();

  734. 	    cmdOut.close();

  735. 	    cmdsock.close();

  736. 	    cmdsock = null;

  737. 	    throw ex;

  738. 	}

  739. 	

  740. 	/**

  741. 	 * This is where we have to do some fancy stuff.

  742. 	 * The datastream from the socket "accepted" by the proxy will

  743. 	 * come through the cmdSocket. So we have to swap the socketImpls

  744. 	 */

  745. 	if (s instanceof SocksSocketImpl) {

  746. 	    ((SocksSocketImpl)s).external_address = real_end;

  747. 	}

  748. 	if (s instanceof PlainSocketImpl) {

  749. 	    ((PlainSocketImpl)s).setInputStream((SocketInputStream) in);

  750. 	}

  751. 	s.fd = cmdsock.getImpl().fd;

  752. 	s.address = cmdsock.getImpl().address;

  753. 	s.port = cmdsock.getImpl().port;

  754. 	s.localport = cmdsock.getImpl().localport;

  755. 	// Need to do that so that the socket won't be closed

  756. 	// when the ServerSocket is closed by the user.

  757. 	// It kinds of detaches the Socket because it is now

  758. 	// used elsewhere.

  759. 	cmdsock = null;

  760.     }

  761. 

  762.     

  763.     /**

  764.      * Returns the value of this socket's <code>address</code> field.

  765.      *

  766.      * @return  the value of this socket's <code>address</code> field.

  767.      * @see     java.net.SocketImpl#address

  768.      */

  769.     protected InetAddress getInetAddress() {

  770. 	if (external_address != null)

  771. 	    return external_address.getAddress();

  772. 	else

  773. 	    return super.getInetAddress();

  774.     }

  775. 

  776.     /**

  777.      * Returns the value of this socket's <code>port</code> field.

  778.      *

  779.      * @return  the value of this socket's <code>port</code> field.

  780.      * @see     java.net.SocketImpl#port

  781.      */

  782.     protected int getPort() {

  783. 	if (external_address != null)

  784. 	    return external_address.getPort();

  785. 	else

  786. 	    return super.getPort();

  787.     }

  788. 

  789.     protected int getLocalPort() {

  790. 	if (socket != null)

  791. 	    return super.getLocalPort();

  792. 	if (external_address != null)

  793. 	    return external_address.getPort();

  794. 	else

  795. 	    return super.getLocalPort();

  796.     }

  797. 

  798.     protected void close() throws IOException {

  799. 	if (cmdsock != null)

  800. 	    cmdsock.close();

  801. 	cmdsock = null;

  802. 	super.close();

  803.     }

  804. 

  805. }