do not touch non-http looking data blocks

2024-12-04 07:30:53 +03:00 · 2017-05-08 18:56:43 +03:00 · 2017-05-08 18:56:43 +03:00 · 75cde6a1ea
commit 75cde6a1ea
parent 7c38e73833
5 changed files with 612 additions and 597 deletions
--- a/binaries/armhf/tpws
+++ b/binaries/armhf/tpws
--- a/binaries/mips32r1-lsb/tpws
+++ b/binaries/mips32r1-lsb/tpws
--- a/binaries/mips32r1-msb/tpws
+++ b/binaries/mips32r1-msb/tpws
--- a/binaries/x86_64/tpws
+++ b/binaries/x86_64/tpws
--- a/tpws/tpws.c
+++ b/tpws/tpws.c
@ -76,7 +76,7 @@ void close_tcp_conn(tproxy_conn_t *conn, struct tailhead *conn_list,
 	TAILQ_INSERT_TAIL(close_list, conn, conn_ptrs);
 }

-static const char *http_split_methods[]={"GET /","POST /","HEAD /","OPTIONS /",NULL};
+static const char *http_methods[] = { "GET /","POST /","HEAD /","OPTIONS /","PUT /","DELETE /","CONNECT /","TRACE /",NULL };
 static const char *http_split_host[] = { "\r\nHost: ",NULL };

 #define RD_BLOCK_SIZE 8192
@ -96,7 +96,8 @@ bool handle_epollin(tproxy_conn_t *conn,int *data_transferred){
 		fd_in = conn->local_fd;
 		fd_out = conn->remote_fd;
 		bOutgoing = true;
-    } else {
+	}
+	else {
 		fd_in = conn->remote_fd;
 		fd_out = conn->local_fd;
 		numbytes = 0;
@ -108,45 +109,59 @@ bool handle_epollin(tproxy_conn_t *conn,int *data_transferred){
 	{
 		if (bOutgoing)
 		{
-	    char buf[RD_BLOCK_SIZE+4],*p,*phost=NULL;
-	    ssize_t l,split_pos=0,method_split_pos=0,host_split_pos=0,split_array_pos_offset=1,pos;
-	    const char **split_array=NULL, **split_item, **item;
+			char buf[RD_BLOCK_SIZE + 4], *p, *pp, *phost = NULL;
+			ssize_t l, method_len=0, split_pos = 0, method_split_pos = 0, host_split_pos = 0, split_array_pos_offset = 1, pos;
+			const char **split_array = NULL, **split_item, **method;
+			bool bIsHttp;

 			rd = recv(fd_in, buf, RD_BLOCK_SIZE, MSG_DONTWAIT);
 			if (rd > 0)
 			{
 				bs = rd;

+				bIsHttp = false;
+				for (method = http_methods; *method; method++)
+				{
+					method_len = strlen(*method);
+					if (method_len <= bs && !memcmp(buf, *method, method_len))
+					{
+						bIsHttp = true;
+						method_len-=2; // "GET /" => "GET"
+						break;
+					}
+				}
+				if (bIsHttp)
+				{
+					printf("Data block looks like http request start : %s\n", *method);
+
 					if (params.unixeol)
 					{
 						printf("Replacing 0D0A to 0A\n");
-		    p = buf;
+						p = pp = buf;
 						while (p = find_bin(p, buf + bs - p, "\r\n", 2))
 						{
 							*p = '\n'; p++;
 							memmove(p, p + 1, buf + bs - p - 1);
 							bs--;
+							if (pp == (p - 1))
+							{
+								// probably end of http headers
+								printf("Found double EOL at pos %zd. Stop replacing.\n", pp - buf);
+								break;
+							}
+							pp = p;
 						}
 					}

 					if (params.methodspace)
 					{
-    		    for(item=http_split_methods;*item;item++)
-		    {
-		        l = strlen(*item);
-		        if (p=find_bin(buf,bs,*item,l))
-		        {
-				pos = p-buf;
-				printf("Found http method '%s' at pos %zd. Adding extra space.\n",*item,pos);
-				p += l-1;
-				pos += l-1;
+						// we only work with data blocks looking as HTTP query, so method is at the beginning
+						printf("Adding extra space after method\n");
+						p = buf + method_len + 1;
+						pos = method_len + 1;
 						memmove(p + 1, p, bs - pos);
 						*p = ' '; // insert extra space
 						bs++; // block will grow by 1 byte
-				method_split_pos = pos-2; // remember split position and use it if required
-				break;
-			}
-		    }
 					}
 					if (params.hostdot || params.hosttab)
 					{
@ -174,14 +189,7 @@ bool handle_epollin(tproxy_conn_t *conn,int *data_transferred){
 						switch (params.split_http_req)
 						{
 						case split_method:
-			    	// do we have already split position ? if so use it without another search
-			    	if (method_split_pos)
-					split_pos = method_split_pos;
-				else
-				{
-					split_array = http_split_methods;
-					split_array_pos_offset = 3;
-				}
+							split_pos = method_len - 1;
 							break;
 						case split_host:
 							if (host_split_pos)
@ -233,6 +241,12 @@ bool handle_epollin(tproxy_conn_t *conn,int *data_transferred){
 							if (split_pos) split_pos += 2;
 						}
 					}
+				}
+				else
+				{
+					printf("Data block does not look like http request start\n");
+				}
+
 				if (split_pos)
 				{
 					printf("Splitting at pos %zd\n", split_pos);
@ -344,7 +358,8 @@ int event_loop(int listen_fd){
 					conncount++;
 					printf("Connections : %d\n", conncount);
 				}
-            } else {
+			}
+			else {
 				conn = (tproxy_conn_t*)events[i].data.ptr;

 				//Only applies to remote_fd, connection attempt has
@ -358,7 +373,8 @@ int event_loop(int listen_fd){
 						conncount--;
 					}
 					continue;
-                } else if(conn->state != CONN_CLOSED && 
+				}
+				else if (conn->state != CONN_CLOSED &&
 					(events[i].events & EPOLLRDHUP ||
 						events[i].events & EPOLLHUP ||
 						events[i].events & EPOLLERR)) {
@ -709,5 +725,4 @@ int main(int argc, char *argv[]){
 		exit(EXIT_FAILURE);
 	else
 		exit(EXIT_SUCCESS);
-
 }