// SPDX-License-Identifier: MIT #include #include #include #include "net.h" #include "util.h" #include "dbuf.h" #define OT_CHECK(x) \ { \ OTResult _m_res = (x); \ if (_m_res < 0) \ die("OT Error at %s:%d: %ld", \ __FILE__, __LINE__, _m_res); \ } \ #define kConnectionTimeoutSecs 2 static bool gOTInited = false; static InetSvcRef inet_svcs; static OTResult SetFourByteOption(EndpointRef ep, OTXTILevel level, OTXTIName name, UInt32 value); /* Look up the IPv4 address of a given host using DNS. */ short net_dns_lookup(const char* hostname, InetHost *host) { InetHostInfo hi; memset(&hi, 0, sizeof(InetHostInfo)); if (OTInetStringToAddress(inet_svcs, (char*)hostname, &hi) < 0) return -1; *host = hi.addrs[0]; return 0; } void net_init() { OSStatus err = noErr; OT_CHECK(InitOpenTransport()); // docs say you should be able to use // nil as a first parameter, but at least // OT 1.1 does _not_ like that. inet_svcs = OTOpenInternetServices( kDefaultInternetServicesPath, 0, &err); OT_CHECK(err); gOTInited = true; } EndpointRef net_create_endpoint() { EndpointRef ep; OSStatus err = noErr; ep = OTOpenEndpoint( OTCreateConfiguration("tcp"), 0, NULL, &err); OT_CHECK(err); OT_CHECK(OTSetSynchronous(ep)); OT_CHECK(OTSetBlocking(ep)); OT_CHECK(OTBind(ep, nil, nil)); OT_CHECK(OTSetNonBlocking(ep)); /* Set reasonable connection timeout (2s) */ OT_CHECK(SetFourByteOption(ep, INET_TCP, TCP_CONN_ABORT_THRESHOLD, kConnectionTimeoutSecs * 1000)); OT_CHECK(SetFourByteOption(ep, INET_TCP, TCP_CONN_NOTIFY_THRESHOLD, (kConnectionTimeoutSecs * 1000 / 2))); return ep; } short net_wait_readable(EndpointRef ep) { OTResult res; while (true) { res = OTLook(ep); switch (res) { case T_DATA: return 0; // readable case T_DISCONNECT: warn("net_wait_readable: unorderly disconnect"); OT_CHECK(OTRcvDisconnect(ep, nil)); return -1; case T_ORDREL: OTRcvOrderlyDisconnect(ep); OTSndOrderlyDisconnect(ep); return -1; case kOTNoError: // nothing doing break; default: warn("unhandled OTLook result: %x (%d)", res, res); break; } YieldToAnyThread(); } } EndpointRef net_connect(const char* hostname, short port) { EndpointRef ep = net_create_endpoint(); TCall connectCall; InetAddress addr; InetHost host; if (net_dns_lookup(hostname, &host) < 0) goto fail; OTInitInetAddress(&addr, port, host); OTMemzero(&connectCall, sizeof(TCall)); connectCall.addr.buf = (unsigned char*)&addr; connectCall.addr.len = sizeof(InetAddress); if (OTConnect(ep, &connectCall, nil) < 0) goto fail; return ep; fail: OTCloseProvider(ep); return NULL; } EndpointRef net_socks_connect( const char* proxy_host, short proxy_port, const char* host, short port) { EndpointRef ep; OTResult res; char hello[] = "\x05\x01\x00"; // SOCKSv5, 1 auth method, 00 = no auth long host_len = strlen(host); unsigned char req[384]; unsigned char respBuf[384]; short idx = 0; OTFlags flags; ep = net_connect(proxy_host, proxy_port); if (!ep) return NULL; if (host_len > 253) die("invalid host %s; too long!", host); req[idx++] = 5; // SOCKSv5 req[idx++] = 1; // CMD 1: CONNECT req[idx++] = 0; // reserved req[idx++] = 3; // Address type: DNS req[idx++] = (unsigned char)host_len; // Length of DNS address memcpy(&req[idx], host, host_len); idx += host_len; // 68K and PPC are big-endian, so port // is already in network byte order *((short*)&req[idx]) = port; idx += 2; res = OTSnd(ep, hello, sizeof(hello), 0); OT_CHECK(res); OTSetBlocking(ep); res = OTRcv(ep, respBuf, 2, &flags); if (respBuf[0] != 5 || respBuf[1] != 0) die("invalid response: %d %d", respBuf[0], respBuf[1]); res = OTSnd(ep, req, idx, 0); OT_CHECK(res); res = OTRcv(ep, respBuf, 4, &flags); if (respBuf[0] != 5 || respBuf[1] != 0 || respBuf[3] != 1) die("invalid response: %d %d %d", respBuf[0], respBuf[1], respBuf[3]); res = OTRcv(ep, respBuf + 4, 6, &flags); OTSetNonBlocking(ep); return ep; } static void net_recv_response(EndpointRef ep, struct dbuf* db) { OTResult res; OTFlags flags; char tmpBuf[256]; while (true) { short readable = net_wait_readable(ep); if (readable == -1) break; else if (readable == 0) { res = OTRcv(ep, tmpBuf, sizeof(tmpBuf), &flags); if (res < 0) die("readable socket returned error on read? %ld", res); db_extend(db, (u8*)tmpBuf, res); } } // null-terminate response db_extend(db, (u8*)"\0", 1); } struct dbuf net_post(EndpointRef ep, const char* path, const char* token, const char* content) { size_t content_length = strlen(content); DB_INIT(db, 8192); OTResult res; db_printf(&db, "POST %s HTTP/1.1\r\n" "Authorization: Bearer %s\r\n" "Host: homeassistant.lan\r\n" "Connection: close\r\n" "Content-Type: application/json\r\n" "Content-Length: %lu\r\n" "\r\n%s\r\n", path, token, content_length, content); res = OTSnd(ep, (void*)&db.buf[0], db.len, 0); OT_CHECK(res); db_clear(&db); net_recv_response(ep, &db); return db; } struct dbuf net_get(EndpointRef ep, const char* path, const char* token) { OTResult res; DB_INIT(db, 8192); db_printf(&db, "GET %s HTTP/1.1\r\n" "Authorization: Bearer %s\r\n" "Host: homeassistant.lan\r\n" "Connection: close\r\n" "\r\n", path, token); res = OTSnd(ep, (void*)&db.buf[0], db.len, 0); OT_CHECK(res); db_clear(&db); net_recv_response(ep, &db); return db; } /* Get a pointer to the content in an HTTP response. */ char* net_http_response_content(const char* response) { char* s = strstr(response, "\r\n\r\n"); if (!s) return NULL; return s + 4; } short net_test_socks() { EndpointRef ep = net_socks_connect("192.168.1.187", 1080, "httpbin.org", 443); struct dbuf respBuf; if (!ep) return -1; respBuf = net_get(ep, "/uuid", ""); info("%s", respBuf.buf); db_destroy(&respBuf); OTCloseProvider(ep); return 0; } /* Taken from the OT sample code here: * https://lists.apple.com/archives/macnetworkprog/2004/Jan/msg00145.html */ static OTResult SetFourByteOption(EndpointRef ep, OTXTILevel level, OTXTIName name, UInt32 value) // level and name must denote a four byte option that is // appropriate for the endpoint ep. This routine sets the // option to value. ep is assumed to be in synchronous // mode. // // If all goes well, the result is noErr. If an error // occurs, the result is negative. If the option could not // be negotiated, a positive result being one of (T_FAILURE, // T_PARTSUCCESS, T_READONLY, T_NOTSUPPORT) is returned { OTResult err; TOption option; TOptMgmt request; TOptMgmt result; // Set up the option buffer to reflect the specific option // and value we want to set. We use a TOption structure // to represent the option buffer. TOption is specifically // defined to allow easy construction of 4 byte options. // If you want to negotiate different size options, or // multiple options in a single call, then constructing // the option buffer is a little trickier option.len = kOTFourByteOptionSize; option.level = level; option.name = name; option.status = 0; option.value[0] = value; // Set up the request for OTOptionManagement to point // to the option buffer we just filled out, and tell // it that we want to negotiate (ie set) the option. request.opt.buf = (UInt8 *) &option; request.opt.len = sizeof(option); request.flags = T_NEGOTIATE; // Set up the reply for OTOptionManagement. This is where // OTOptionManagement puts the result of the negotiation. result.opt.buf = (UInt8 *) &option; result.opt.maxlen = sizeof(option); // Call OTOptionManagement and then check that the value // was negotiated successfully. Any value other than // T_SUCCESS is reported via the error result. err = OTOptionManagement(ep, &request, &result); if (err == noErr) { if (option.status != T_SUCCESS) { err = option.status; } } return (err); } void net_fini() { if (gOTInited) { OTCloseProvider(inet_svcs); CloseOpenTransport(); } }