diff options
| author | Masaq- <tilt@techie.com> | 2019-02-03 03:33:26 +0000 |
|---|---|---|
| committer | Masaq- <tilt@techie.com> | 2019-02-03 03:33:26 +0000 |
| commit | c1af90a23a14494a82df977861e9b0adc29f638d (patch) | |
| tree | e680cacb29c48e9decd42a9ec8bfd206bb206437 | |
| parent | 020634e1e84ab6063b0b403432002073bdaffe09 (diff) | |
| parent | 6eb4245784b734e24870e2ba3c946527feb7f709 (diff) | |
Merge branch 'master' into extended-options
| -rw-r--r-- | .gitlab-ci.yml | 87 | ||||
| -rw-r--r-- | .travis.yml | 38 | ||||
| -rw-r--r-- | PKGBUILD | 2 | ||||
| -rw-r--r-- | PKGBUILD.dev | 31 | ||||
| -rw-r--r-- | contrib/ptunnel-ng.conf | 30 | ||||
| -rw-r--r-- | contrib/ptunnel-ng.service | 20 | ||||
| -rw-r--r-- | src/options.c | 12 | ||||
| -rw-r--r-- | src/pdesc.c | 18 | ||||
| -rw-r--r-- | src/pkt.c | 10 | ||||
| -rw-r--r-- | src/ptunnel.c | 5 | ||||
| -rw-r--r-- | src/ptunnel.h | 2 |
11 files changed, 206 insertions, 49 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index ed1972c..982c844 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -3,29 +3,74 @@ image: debian:stable-slim stages: - build +before_script: + - apt-get -qq update + - apt-get install -y git debhelper dpkg-dev build-essential fakeroot flawfinder wget unzip + - apt-get install -y libpcap-dev libselinux1-dev + - apt-get install -y binutils-mingw-w64-i686 gcc-mingw-w64 mingw-w64-i686-dev mingw-w64-common clang + - apt-get install -y autoconf automake dh-autoreconf + build: script: - - apt-get -qq update - - apt-get install -y git debhelper fakeroot - - apt-get install -y libpcap-dev libselinux1-dev - - apt-get install -y binutils-mingw-w64-i686 gcc-mingw-w64 mingw-w64-i686-dev mingw-w64-common clang - - apt-get install -y autoconf automake dh-autoreconf - - mkdir -p ../bin - - ./autogen.sh - - cp ./src/ptunnel-ng ../bin/ - - git clean -df . && dpkg-buildpackage -b -us -uc - - git clean -df . && export CC=i686-w64-mingw32-gcc && autoreconf -fi && - ./configure --host=i686-w64-mingw32 --build=$(gcc -dumpmachine) && - make CFLAGS='-Werror' - - cp ./src/ptunnel-ng.exe ../bin/ - - mkdir -p ./bin - - cp -v ../*.deb ../bin/* ./bin/ - - cp -v ./bin/ptunnel-ng ./bin/ptunnel-ng-dbgsym && strip -s ./bin/ptunnel-ng - - cp -v ./bin/ptunnel-ng.exe ./bin/ptunnel-ng-dbgsym.exe && i686-w64-mingw32-strip -s ./bin/ptunnel-ng.exe - - export CC=clang && ./configure && make clean && make CFLAGS='-Werror -Wno-error=for-loop-analysis' V=s + - autoreconf -fi + - ./configure --prefix=/ + - make install CFLAGS='-Werror' DESTDIR="$(realpath ./deploy)" V=s + stage: build + artifacts: + paths: + - deploy/ + - config.log + when: always + +build-debian: + script: + - dpkg-buildpackage -b -us -uc + stage: build + artifacts: + paths: + - config.log + when: always + +build-mingw: + script: + - autoreconf -fi + - ./configure --prefix=/ --host=i686-w64-mingw32 + - make install CFLAGS='-Werror' DESTDIR="$(realpath ./deploy)" V=s + stage: build artifacts: paths: - - bin/ + - deploy/ + - config.log + when: always + +build-clang: + script: + - autoreconf -fi + - CC=clang ./configure --prefix=/ + - make install CFLAGS='-Werror -Wno-error=for-loop-analysis' DESTDIR="$(realpath ./deploy)" V=s stage: build - only: - - master + artifacts: + paths: + - deploy/ + - config.log + when: always + +build-android: + cache: + key: toolchain-cache + paths: + - vendor/ + script: + - mkdir -p vendor && cd vendor + - test -r 'android-ndk-r19-linux-x86_64.zip' || wget --progress=dot:mega 'https://dl.google.com/android/repository/android-ndk-r19-linux-x86_64.zip' + - test -d 'android-ndk-r19' || unzip -q 'android-ndk-r19-linux-x86_64.zip' + - cd .. + - autoreconf -fi + - CC=aarch64-linux-android28-clang PATH="${PATH}:$(realpath ./vendor/android-ndk-r19/toolchains/llvm/prebuilt/linux-x86_64/bin)" ./configure --host=aarch64-linux-android + - PATH="${PATH}:$(realpath ./vendor/android-ndk-r19/toolchains/llvm/prebuilt/linux-x86_64/bin)" make install CFLAGS='-Werror -Wno-error=for-loop-analysis' DESTDIR="$(realpath ./deploy)" V=s + stage: build + artifacts: + paths: + - deploy/ + - config.log + when: always diff --git a/.travis.yml b/.travis.yml index 38ad62a..f92c786 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,21 +1,37 @@ language: c before_install: - sudo apt-get -qq update -- sudo apt-get install -y git debhelper fakeroot -- sudo apt-get install -y libpcap-dev libselinux1-dev libbsd-dev -- sudo apt-get install -y binutils-mingw-w64-i686 gcc-mingw-w64 mingw-w64-i686-dev clang - mingw-w64-common +- sudo apt-get install -y git debhelper dpkg-dev build-essential fakeroot flawfinder wget unzip realpath +- sudo apt-get install -y libpcap-dev libselinux1-dev +- sudo apt-get install -y binutils-mingw-w64-i686 gcc-mingw-w64 mingw-w64-i686-dev mingw-w64-common clang - sudo apt-get install -y autoconf automake dh-autoreconf after_failure: - cat config.log script: -- ./autogen.sh -- git clean -df . && dpkg-buildpackage -b -us -uc -- git clean -df . && export CC=i686-w64-mingw32-gcc && autoreconf -fi && - ./configure --host=i686-w64-mingw32 --build=$(gcc -dumpmachine) && make - CFLAGS='-Werror' -- git clean -df . && export CC=clang && autoreconf -fi && ./configure && make - CFLAGS='-Werror -Wno-error=for-loop-analysis' V=s +- mkdir -p ./deploy +# default gcc build +- autoreconf -fi +- ./configure --prefix=/ +- make install CFLAGS='-Werror' DESTDIR="$(realpath ./deploy)" V=s +- make clean +# debian build +- dpkg-buildpackage -b -us -uc +- make clean +# mingw-w64 build +- CC=i686-w64-mingw32-gcc ./configure --prefix=/ --host=i686-w64-mingw32 +- make install CFLAGS='-Werror' DESTDIR="$(realpath ./deploy)" V=s +- make clean +# clang build +- CC=clang ./configure --prefix=/ +- make install CFLAGS='-Werror -Wno-error=for-loop-analysis' DESTDIR="$(realpath ./deploy)" V=s +- make clean +# android build +- mkdir -p vendor && cd vendor +- test -r 'android-ndk-r19-linux-x86_64.zip' || wget --progress=dot:mega 'https://dl.google.com/android/repository/android-ndk-r19-linux-x86_64.zip' +- test -d 'android-ndk-r19' || unzip -q 'android-ndk-r19-linux-x86_64.zip' +- cd .. +- CC=aarch64-linux-android28-clang PATH="${PATH}:$(realpath ./vendor/android-ndk-r19/toolchains/llvm/prebuilt/linux-x86_64/bin)" ./configure --host=aarch64-linux-android +- PATH="${PATH}:$(realpath ./vendor/android-ndk-r19/toolchains/llvm/prebuilt/linux-x86_64/bin)" make install CFLAGS='-Werror -Wno-error=for-loop-analysis' DESTDIR="$(realpath ./deploy)" V=s env: global: - secure: DqyBATbSy6uoCpJ9MsedJID1SBWnHM0FMXJS2E4FbMwEaoOLWw/7EiLZUrIxcuAGyaztd4xuve3den07xt7uOL6RBebVjh8ZbNxR92ndxsDcsvLFEUTeTvDOsu7vYmocLw95x5GFPWygOP1PGe/QpQKHo6MMT5Px0if7LFiFi8bGj5lpuiL5C7l2IsWhmaLB3oIMK7z/JXPQSkXjYjzahS7dDRr7LnkQpEtywmSHGn5xD3QCZIUysDQV3lsy6zWUC6YLXMeu7JLgh/T6BAO2Zqj4uNlIrhGkh9OOx6OopjvklP0GFqJkSN1i2iPEDuuLx0+eLMUiGREAmWldt7aKwyCVH7r8zcTRSMk2E0jJ4wdd5hHbMUzG3LohmRfxlbcwL0MiOBeCR2MTQBsPXmjXJs4Qf82blQrp2Hxm0sE3KyswDEDQUBTKbRzVFPjYLTRASzIZrDG7j+CjkLRSESyXU3u8IIiE0wr75lhNWL58ZrVzjyZIxCgo8oOeK/yF+6F3hyCSnh/bFkCjvcHMsYInyVZCLgYkYeLHujbvgbiIPOAk50ikTz8AvKMCgK313O6/LjNaJu2GgezN0j2/mKGyvucBJM2QTys7AYp8QfUWy5bOaKcyHq0guu8/lrB8gp2bvIe5xL1HVrmBBvOKzuvwylLCO71Mb4P0zTxeMFwQyVs= @@ -25,4 +25,6 @@ package() { make DESTDIR="${pkgdir}" install find "${pkgdir}" -type d -name .git -exec rm -r '{}' + install -D -m644 COPYING "${pkgdir}/usr/share/licenses/ptunnel-ng/LICENSE" + install -D -m644 contrib/ptunnel-ng.conf "${pkgdir}/etc/conf.d/ptunnel-ng" + install -D -m644 contrib/ptunnel-ng.service "${pkgdir}/etc/systemd/system/ptunnel-ng.service" } diff --git a/PKGBUILD.dev b/PKGBUILD.dev new file mode 100644 index 0000000..91941c0 --- /dev/null +++ b/PKGBUILD.dev @@ -0,0 +1,31 @@ +# use `makepkg -p PKGBUILD.dev --skipchecksums' to build the pkg +pkgname="ptunnel-ng" +pkgver=master +pkgrel=1 +pkgdesc="A TCP forwarder and proxy used for ICMP/UDP tunneling without creating tun devices. (Ping Tunnel, ICMP Echo Tunnel, UDP Tunnel)" +arch=('i686' 'x86_64') +url='https://www.github.com/lnslbrty/ptunnel-ng' +license=('BSD-3') +makedepends=('git') +provides=("ptunnel-ng=${pkgver}") +source=("https://github.com/lnslbrty/ptunnel-ng/archive/master.zip") + +build() { + cd "${srcdir}/${pkgname}-${pkgver}" + autoreconf -fi + ./configure \ + --prefix=/usr \ + --libdir=/usr/lib \ + --disable-pcap \ + --disable-selinux + make V=s +} + +package() { + cd "${srcdir}/${pkgname}-${pkgver}" + make DESTDIR="${pkgdir}" install + find "${pkgdir}" -type d -name .git -exec rm -r '{}' + + install -D -m644 COPYING "${pkgdir}/usr/share/licenses/ptunnel-ng/LICENSE" + install -D -m644 contrib/ptunnel-ng.conf "${pkgdir}/etc/conf.d/ptunnel-ng" + install -D -m644 contrib/ptunnel-ng.service "${pkgdir}/etc/systemd/system/ptunnel-ng.service" +} diff --git a/contrib/ptunnel-ng.conf b/contrib/ptunnel-ng.conf new file mode 100644 index 0000000..a85af0c --- /dev/null +++ b/contrib/ptunnel-ng.conf @@ -0,0 +1,30 @@ +# Do not forget the '=' between options and values +# for long options e.g. '--option=value'. +# This is not required nor valid for short options e.g. '-o value'. + +# +# required settings +# + +# chroot to this dir +PT_CHROOT="/var/lib/ptunnel" + +# change user/group +PT_USER="nobody" +PT_GROUP="nobody" + +# +# optional settings +# + +# authentication challenge (won't be visible in /proc/*/cmdline) +#PT_PASSWD="--passwd=changeme" + +# magic value protocol identifier (fool IDS/IDP software) +#PT_MAGIC="--magic=0x41414141" + +# destination ip +#PT_DESTIP="--remote-addr=127.0.0.1" + +# destination port +#PT_DESTPORT="--remote-port=22" diff --git a/contrib/ptunnel-ng.service b/contrib/ptunnel-ng.service new file mode 100644 index 0000000..3dae2a9 --- /dev/null +++ b/contrib/ptunnel-ng.service @@ -0,0 +1,20 @@ +[Unit] +Description=PingTunnel NG Proxy/Server +After=syslog.target + +[Service] +Type=fork +EnvironmentFile=/etc/conf.d/ptunnel-ng +Environment="PT_CHROOT=${PT_CHROOT:/var/lib/ptunnel}" +Environment="PT_USER=${PT_USER:nobody}" +Environment="PT_GROUP=${PT_GROUP:nobody}" +ExecStartPre=mkdir -p ${PT_CHROOT} +ExecStartPre=chown ${PT_USER}:${PT_GROUP} ${PT_CHROOT} +ExecStart=/usr/bin/ptunnel-ng \ + --syslog \ + --chroot=${PT_CHROOT} --user=${PT_USER} --group=${PT_GROUP} \ + $PT_PASSWD $PT_MAGIC $PT_DESTIP $PT_DESTPORT +Restart=on-abort + +[Install] +WantedBy=multi-user.target diff --git a/src/options.c b/src/options.c index 024e358..f1080aa 100644 --- a/src/options.c +++ b/src/options.c @@ -87,7 +87,7 @@ static const struct option_usage usage[] = { {"port", 0, OPT_DEC32, {.unum = 2222}, "Set TCP listening port (only used when operating in forward mode)\n" }, - /** --remote-adr */ + /** --remote-addr */ {"address", 1, OPT_STR, {.str = "127.0.0.1"}, "Set remote proxy destination address if client\n" "Restrict to only this destination address if server\n" @@ -188,7 +188,7 @@ static struct option long_options[] = { {"magic", required_argument, 0, 'm'}, {"proxy", required_argument, 0, 'p'}, {"listen", required_argument, 0, 'l'}, - {"remote-adr", optional_argument, 0, 'r'}, + {"remote-addr", optional_argument, 0, 'r'}, {"remote-port", optional_argument, 0, 'R'}, {"connections", required_argument, 0, 'c'}, {"verbosity", required_argument, 0, 'v'}, @@ -231,7 +231,7 @@ static void set_options_defaults(void) { opts.magic = *(uint32_t *) get_default_optval(OPT_HEX32, "magic"); opts.mode = kMode_proxy; opts.tcp_listen_port = *(uint32_t *) get_default_optval(OPT_DEC32, "listen"); - opts.given_dst_hostname = strdup(*(char **) get_default_optval(OPT_STR, "remote-adr")); + opts.given_dst_hostname = strdup(*(char **) get_default_optval(OPT_STR, "remote-addr")); opts.given_dst_port = *(uint32_t *) get_default_optval(OPT_DEC32, "remote-port"); opts.max_tunnels = *(uint32_t *) get_default_optval(OPT_DEC32, "connections"); opts.log_level = *(int *) get_default_optval(OPT_DEC32, "verbosity"); @@ -380,6 +380,10 @@ int parse_options(int argc, char **argv) { /* parse command line arguments */ while (1) { + /* FIXME: We are using '::' (optional argument values). This is not optimal + * since you have to pass long options as '--option=value'. Commonly used + * '--option value' is *NOT* allowed for some libc implementations. + */ c = getopt_long(argc, argv, "m:p:l:r::R::c:v:L::o::sP:d::Su::g::C::e::w:a:t:h", &long_options[0], &oidx); if (c == -1) break; @@ -554,7 +558,7 @@ int parse_options(int argc, char **argv) { } if (optind != argc) { - pt_log(kLog_error, "Unknown argument: %s\n", argv[optind]); + pt_log(kLog_error, "Unknown argument: '%s'\n", argv[optind]); exit(1); } diff --git a/src/pdesc.c b/src/pdesc.c index 819bf4e..b034b8b 100644 --- a/src/pdesc.c +++ b/src/pdesc.c @@ -216,12 +216,18 @@ int queue_packet(int icmp_sock, uint8_t type, char *buf, int num_bytes, pkt->checksum = htons(calc_icmp_checksum((uint16_t*)pkt, pkt_len)); /* Send it! */ - pt_log(kLog_sendrecv, "Send: %d [%d] bytes [seq = %d] " - "[type = %s] [ack = %d] [icmp = %d] [user = %s]\n", - pkt_len, num_bytes, *seq, state_name[state & (~kFlag_mask)], - ack_val, type, ((state & kUser_flag) == kUser_flag ? "yes" : "no")); - err = sendto(icmp_sock, (const void*)pkt, pkt_len, 0, - (struct sockaddr*)dest_addr, sizeof(struct sockaddr)); + pt_log(kLog_sendrecv, "Send: %4d [%4d] bytes " + "[id = 0x%04X] [seq = %d] " + "[seq_no = %d] [type = %s] " + "[ack = %d] [icmp = %d] " + "[user = %s]\n", + pkt_len, num_bytes, + icmp_id, *ping_seq, + *seq, state_name[state & (~kFlag_mask)], + ack_val, type, + ((state & kUser_flag) == kUser_flag ? "yes" : "no")); + err = sendto(icmp_sock, (const void*)pkt, pkt_len, 0, + (struct sockaddr*)dest_addr, sizeof(struct sockaddr)); if (err < 0) { pt_log(kLog_error, "Failed to send ICMP packet: %s\n", strerror(errno)); free(pkt); @@ -128,11 +128,13 @@ void handle_packet(char *buf, unsigned bytes, int is_pcap, struct sockaddr_in *a pt_log(kLog_error, "Dropping packet with invalid state.\n"); return; } - pt_log(kLog_sendrecv, "Recv: %d [%d] bytes " - "[seq = %d] [type = %s] " + pt_log(kLog_sendrecv, "Recv: %4d [%4d] bytes " + "[id = 0x%04X] [seq = %d] " + "[seq_no = %d] [type = %s] " "[ack = %d] [icmp = %d] " - "[user = %s] [pcap = %d]\n", - bytes, ntohl(pt_pkt->data_len), + "[user = %s] [pcap = %d]\n", + bytes, ntohl(pt_pkt->data_len), + pkt->identifier, ntohs(pkt->seq), pt_pkt->seq_no, state_name[pt_pkt->state & (~kFlag_mask)], ntohl(pt_pkt->ack), pkt->type, (pkt_flag == kUser_flag ? "yes" : "no"), is_pcap); diff --git a/src/ptunnel.c b/src/ptunnel.c index 456a747..c87fa3f 100644 --- a/src/ptunnel.c +++ b/src/ptunnel.c @@ -34,7 +34,7 @@ * POSSIBILITY OF SUCH DAMAGE. * * Contacting the author: - * You can get in touch with me, Daniel Stødle (that's the Norwegian letter oe, + * You can get in touch with me, Daniel Stoedle (that's the Norwegian letter oe, * in case your text editor didn't realize), here: <daniels@cs.uit.no> * * The official ptunnel website is here: @@ -98,7 +98,7 @@ char pcap_filter_program[] = "icmp"; /** The chain of client/proxy connections */ proxy_desc_t *chain = 0; -const char *state_name[kNum_proto_types] = { "start", "ack", "data", +const char *state_name[kNum_proto_types] = { "start", "ack ", "data ", "close", "authenticate" }; /* Let the fun begin! */ @@ -641,6 +641,7 @@ void* pt_proxy(void *args) { if (cur->send_ring[idx].pkt && cur->send_ring[idx].last_resend+cur->resend_interval < now) { pt_log(kLog_debug, "Resending packet with seq-no %d.\n", cur->send_ring[idx].seq_no); cur->send_ring[idx].last_resend = now; + cur->send_ring[idx].pkt->identifier = htons(cur->icmp_id); cur->send_ring[idx].pkt->seq = htons(cur->ping_seq); cur->ping_seq++; cur->send_ring[idx].pkt->checksum = 0; diff --git a/src/ptunnel.h b/src/ptunnel.h index d93f997..5a63acc 100644 --- a/src/ptunnel.h +++ b/src/ptunnel.h @@ -32,7 +32,7 @@ * POSSIBILITY OF SUCH DAMAGE. * * Contacting the author: - * You can get in touch with me, Daniel Stødle (that's the Norwegian letter oe, + * You can get in touch with me, Daniel Stoedle (that's the Norwegian letter oe, * in case your text editor didn't realize), here: <daniels@cs.uit.no> * * The official ptunnel website is here: |