+/*****************************************************************************
+ * SocksNegociate:
+ *****************************************************************************
+ * Negociate authentication with a SOCKS server.
+ *****************************************************************************/
+static int SocksNegociate( vlc_object_t *p_obj,
+ int fd, int i_socks_version,
+ char *psz_socks_user,
+ char *psz_socks_passwd )
+{
+ uint8_t buffer[128+2*256];
+ int i_len;
+ vlc_bool_t b_auth = VLC_FALSE;
+
+ if( i_socks_version != 5 )
+ return VLC_SUCCESS;
+
+ /* We negociate authentication */
+
+ if( psz_socks_user && psz_socks_passwd &&
+ *psz_socks_user && *psz_socks_passwd )
+ b_auth = VLC_TRUE;
+
+ buffer[0] = i_socks_version; /* SOCKS version */
+ if( b_auth )
+ {
+ buffer[1] = 2; /* Number of methods */
+ buffer[2] = 0x00; /* - No auth required */
+ buffer[3] = 0x02; /* - USer/Password */
+ i_len = 4;
+ }
+ else
+ {
+ buffer[1] = 1; /* Number of methods */
+ buffer[2] = 0x00; /* - No auth required */
+ i_len = 3;
+ }
+
+ if( net_Write( p_obj, fd, NULL, buffer, i_len ) != i_len )
+ return VLC_EGENERIC;
+ if( net_Read( p_obj, fd, NULL, buffer, 2, VLC_TRUE ) != 2 )
+ return VLC_EGENERIC;
+
+ msg_Dbg( p_obj, "socks: v=%d method=%x", buffer[0], buffer[1] );
+
+ if( buffer[1] == 0x00 )
+ {
+ msg_Dbg( p_obj, "socks: no authentication required" );
+ }
+ else if( buffer[1] == 0x02 )
+ {
+ int i_len1 = __MIN( strlen(psz_socks_user), 255 );
+ int i_len2 = __MIN( strlen(psz_socks_passwd), 255 );
+ msg_Dbg( p_obj, "socks: username/password authentication" );
+
+ /* XXX: we don't support user/pwd > 255 (truncated)*/
+ buffer[0] = i_socks_version; /* Version */
+ buffer[1] = i_len1; /* User length */
+ memcpy( &buffer[2], psz_socks_user, i_len1 );
+ buffer[2+i_len1] = i_len2; /* Password length */
+ memcpy( &buffer[2+i_len1+1], psz_socks_passwd, i_len2 );
+
+ i_len = 3 + i_len1 + i_len2;
+
+ if( net_Write( p_obj, fd, NULL, buffer, i_len ) != i_len )
+ return VLC_EGENERIC;
+
+ if( net_Read( p_obj, fd, NULL, buffer, 2, VLC_TRUE ) != 2 )
+ return VLC_EGENERIC;
+
+ msg_Dbg( p_obj, "socks: v=%d status=%x", buffer[0], buffer[1] );
+ if( buffer[1] != 0x00 )
+ {
+ msg_Err( p_obj, "socks: authentication rejected" );
+ return VLC_EGENERIC;
+ }
+ }
+ else
+ {
+ if( b_auth )
+ msg_Err( p_obj, "socks: unsupported authentication method %x",
+ buffer[0] );
+ else
+ msg_Err( p_obj, "socks: authentification needed" );
+ return VLC_EGENERIC;
+ }
+
+ return VLC_SUCCESS;
+}
+
+/*****************************************************************************
+ * SocksHandshakeTCP:
+ *****************************************************************************
+ * Open a TCP connection using a SOCKS server and return a handle (RFC 1928)
+ *****************************************************************************/
+static int SocksHandshakeTCP( vlc_object_t *p_obj,
+ int fd,
+ int i_socks_version,
+ char *psz_socks_user, char *psz_socks_passwd,
+ const char *psz_host, int i_port )
+{
+ uint8_t buffer[128+2*256];
+
+ if( i_socks_version != 4 && i_socks_version != 5 )
+ {
+ msg_Warn( p_obj, "invalid socks protocol version %d", i_socks_version );
+ i_socks_version = 5;
+ }
+
+ if( i_socks_version == 5 &&
+ SocksNegociate( p_obj, fd, i_socks_version,
+ psz_socks_user, psz_socks_passwd ) )
+ return VLC_EGENERIC;
+
+ if( i_socks_version == 4 )
+ {
+ struct addrinfo hints = { 0 }, *p_res;
+
+ /* v4 only support ipv4 */
+ hints.ai_family = AF_INET;
+ if( vlc_getaddrinfo( p_obj, psz_host, 0, &hints, &p_res ) )
+ return VLC_EGENERIC;
+
+ buffer[0] = i_socks_version;
+ buffer[1] = 0x01; /* CONNECT */
+ SetWBE( &buffer[2], i_port ); /* Port */
+ memcpy( &buffer[4], /* Address */
+ &((struct sockaddr_in *)(p_res->ai_addr))->sin_addr, 4 );
+ vlc_freeaddrinfo( p_res );
+
+ buffer[8] = 0; /* Empty user id */
+
+ if( net_Write( p_obj, fd, NULL, buffer, 9 ) != 9 )
+ return VLC_EGENERIC;
+ if( net_Read( p_obj, fd, NULL, buffer, 8, VLC_TRUE ) != 8 )
+ return VLC_EGENERIC;
+
+ msg_Dbg( p_obj, "socks: v=%d cd=%d",
+ buffer[0], buffer[1] );
+
+ if( buffer[1] != 90 )
+ return VLC_EGENERIC;
+ }
+ else if( i_socks_version == 5 )
+ {
+ int i_hlen = __MIN(strlen( psz_host ), 255);
+ int i_len;
+
+ buffer[0] = i_socks_version; /* Version */
+ buffer[1] = 0x01; /* Cmd: connect */
+ buffer[2] = 0x00; /* Reserved */
+ buffer[3] = 3; /* ATYP: for now domainname */
+
+ buffer[4] = i_hlen;
+ memcpy( &buffer[5], psz_host, i_hlen );
+ SetWBE( &buffer[5+i_hlen], i_port );
+
+ i_len = 5 + i_hlen + 2;
+
+
+ if( net_Write( p_obj, fd, NULL, buffer, i_len ) != i_len )
+ return VLC_EGENERIC;
+
+ /* Read the header */
+ if( net_Read( p_obj, fd, NULL, buffer, 5, VLC_TRUE ) != 5 )
+ return VLC_EGENERIC;
+
+ msg_Dbg( p_obj, "socks: v=%d rep=%d atyp=%d",
+ buffer[0], buffer[1], buffer[3] );
+
+ if( buffer[1] != 0x00 )
+ {
+ msg_Err( p_obj, "socks: CONNECT request failed\n" );
+ return VLC_EGENERIC;
+ }
+
+ /* Read the remaining bytes */
+ if( buffer[3] == 0x01 )
+ i_len = 4-1 + 2;
+ else if( buffer[3] == 0x03 )
+ i_len = buffer[4] + 2;
+ else if( buffer[3] == 0x04 )
+ i_len = 16-1+2;
+ else
+ return VLC_EGENERIC;
+
+ if( net_Read( p_obj, fd, NULL, buffer, i_len, VLC_TRUE ) != i_len )
+ return VLC_EGENERIC;
+ }
+
+ return VLC_SUCCESS;
+}
+