In HTTP CONNECT, use hostname parsed from TLS SNI or HTTP Host header (renew #71)

.gitmodules

@@ -0,0 +1,3 @@
+[submodule "http-parser"]
+	path = http-parser
+	url = https://github.com/nodejs/http-parser/

Makefile

@@ -1,5 +1,8 @@
 -include make.conf
-OBJS := parser.o main.o redsocks.o log.o http-connect.o socks4.o socks5.o http-relay.o base.o base64.o md5.o http-auth.o utils.o redudp.o dnstc.o dnsu2t.o gen/version.o
+
+LIBHTTP_CFLAGS := -I./http-parser -L./http-parser
+
+OBJS := parser.o main.o redsocks.o log.o http-connect.o socks4.o socks5.o http-relay.o base.o base64.o md5.o http-auth.o utils.o redudp.o dnstc.o dnsu2t.o tls.o gen/version.o
 ifeq ($(DBG_BUILD),1)
 OBJS += debug.o
 endif
@@ -10,21 +13,31 @@ OUT := redsocks
 VERSION := 0.5
 
 LIBS := -levent_core
+LIBS += -lhttp_parser
 ifeq ($(DBG_BUILD),1)
 # -levent_extra is required only for `http` and `debug`
 LIBS += -levent_extra
 endif
+CFLAGS += $(LIBHTTP_CFLAGS)
 CFLAGS += -g -O2
 # _GNU_SOURCE is used to get splice(2), it also implies _BSD_SOURCE
 override CFLAGS += -std=c99 -D_XOPEN_SOURCE=600 -D_DEFAULT_SOURCE -D_GNU_SOURCE -Wall
 
 all: $(OUT)
 
-.PHONY: all clean distclean test
+.PHONY: all clean distclean test http-parser
 
 tags: *.c *.h
 	ctags -R
 
+http-parser-download:
+	git submodule update --init
+
+http-parser-build:
+	cd http-parser && make package
+
+http-parser: http-parser-download http-parser-build
+
 $(CONF):
 	@case `uname` in \
 	Linux*) \
@@ -90,15 +103,16 @@ $(DEPS): $(SRCS)
 
 -include $(DEPS)
 
-$(OUT): $(OBJS)
-	$(CC) $(CFLAGS) -o $@ $^ $(LDFLAGS) $(LIBS)
+$(OUT): http-parser $(OBJS)
+	$(CC) $(CFLAGS) -o $@ $(OBJS) $(LDFLAGS) $(LIBS)
 
 clean:
 	$(RM) $(OUT) $(CONF) $(OBJS)
 
 distclean: clean
 	$(RM) tags $(DEPS)
 	$(RM) -r gen
+	cd http-parser && make clean
 
 tests/__build-tstamp__: $(OUT) tests/[a-z]* tests/[a-z]*/*
 	cd tests && ./build

http-connect.c

@@ -43,6 +43,10 @@ typedef enum httpc_state_t {
 
 #define HTTP_HEAD_WM_HIGH 4096  // that should be enough for one HTTP line.
 
+#define MAX_SERVER_NAME (253)    /* Max DNS is 253 characters */
+#define MAX_PORT_STR_LENGTH (6)  /* Ports are 5 digits decimax max */
+#define MAX_CONNECT_HOST_LENGTH (MAX_SERVER_NAME + MAX_PORT_STR_LENGTH + 1) /* Add one byte for \0 */
+
 
 static void httpc_client_init(redsocks_client *client)
 {
@@ -210,6 +214,14 @@ static struct evbuffer *httpc_mkconnect(redsocks_client *client)
 	struct evbuffer *buff = NULL, *retval = NULL;
 	char *auth_string = NULL;
 	int len;
+    char *hostname = NULL;
+
+
+    if (client->hostname) {
+        hostname = client->hostname;
+    } else {
+        hostname = inet_ntoa(client->destaddr.sin_addr);
+    }
 
 	buff = evbuffer_new();
 	if (!buff) {
@@ -230,8 +242,8 @@ static struct evbuffer *httpc_mkconnect(redsocks_client *client)
 			auth_scheme = "Basic";
 		} else if (strncasecmp(auth->last_auth_query, "Digest", 6) == 0) {
 			/* calculate uri */
-			char uri[128];
-			snprintf(uri, 128, "%s:%u", inet_ntoa(client->destaddr.sin_addr), ntohs(client->destaddr.sin_port));
+			char uri[MAX_CONNECT_HOST_LENGTH] = {0};
+			snprintf(uri, MAX_CONNECT_HOST_LENGTH, "%s:%u", hostname, ntohs(client->destaddr.sin_port));
 
 			/* prepare an random string for cnounce */
 			char cnounce[17];
@@ -246,7 +258,7 @@ static struct evbuffer *httpc_mkconnect(redsocks_client *client)
 
 	// TODO: do accurate evbuffer_expand() while cleaning up http-auth
 	len = evbuffer_add_printf(buff, "CONNECT %s:%u HTTP/1.0\r\n",
-		inet_ntoa(client->destaddr.sin_addr),
+		hostname,
 		ntohs(client->destaddr.sin_port));
 	if (len < 0) {
 		redsocks_log_errno(client, LOG_ERR, "evbufer_add_printf");

protocol.h

@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 2014, Dustin Lundquist <[email protected]>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+ * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ * POSSIBILITY OF SUCH DAMAGE.
+ */
+#ifndef PROTOCOL_H
+#define PROTOCOL_H
+
+#include <inttypes.h>
+
+struct Protocol {
+    const char *const name;
+    const uint16_t default_port;
+    int (*const parse_packet)(const char*, size_t, char **);
+    const char *const abort_message;
+    const size_t abort_message_len;
+};
+
+#endif