Home Explore Help
Register Sign In
NanashiNoGombe
/
proxy2ch
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: v20220501
Branches Tags
proxy2ch
/
main.cpp

main.cpp 22 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672 
  1. #include <string>
    2. 

  2. #include <vector>
    3. 

  3. #include <map>
    4. 

  4. #include <stack>
    5. 

  5. #include <stdio.h>
    6. 

  6. #include <stdlib.h>
    7. 

  7. #include <string.h>
    8. 

  8. #include <stdarg.h>
    9. 

  9. #ifdef _WIN32
    10. 

  10. #include <winsock2.h>
    11. 

  11. #include <ws2tcpip.h>
    12. 

  12. #include <mswsock.h>
    13. 

  13. #else
    14. 

  14. #include <sys/socket.h>
    15. 

  15. #include <netinet/in.h>
    16. 

  16. #include <netdb.h>
    17. 

  17. #endif
    18. 

  18. #include <pthread.h>
    19. 

  19. #include <signal.h>
    20. 

  20. #include <getopt.h>
    21. 

  21. #include <curl/curl.h>
    22. 

  22. #ifdef USE_LUA
    23. 

  23. #include <lua.hpp>
    24. 

  24. #endif
    25. 

  25. #include "BBS2chProxyConnection.h"
    26. 

  26. #include "BBS2chProxyThreadInfo.h"
    27. 

  27. #include "BBS2chProxyAuth.h"
    28. 

  28. #ifdef USE_MITM
    29. 

  29. #include "BBS2chProxySecureSocket.h"
    30. 

  30. #endif
    31. 

  31. 

  32. #define PORT 9080
    33. 

  33. #define VERSION "20220501"
    34. 

  34. #define BACKLOG 32
    35. 

  35. #define NUM_LOCKS 7
    36. 

  36. 

  37. #ifndef NO_THREAD_POOL
    38. 

  38. #ifndef NUM_THREADS_DEFAULT
    39. 

  39. #define NUM_THREADS_DEFAULT 8
    40. 

  40. #endif
    41. 

  41. #include "BBS2chProxyThreadPool.h"
    42. 

  42. static std::stack<void *>curl_handles;
    43. 

  43. static int num_threads = NUM_THREADS_DEFAULT;
    44. 

  44. #endif
    45. 

  45. 

  46. char *proxy_server;
    47. 

  47. long proxy_port;
    48. 

  48. long proxy_type;
    49. 

  49. long timeout = 30;
    50. 

  50. char *user_agent;
    51. 

  51. char *appKey;
    52. 

  52. char *hmacKey;
    53. 

  53. char *api_ua_auth;
    54. 

  54. char *api_ua_dat;
    55. 

  55. char *x_2ch_ua_auth;
    56. 

  56. char *x_2ch_ua_dat;
    57. 

  57. int allow_chunked;
    58. 

  58. int verbosity;
    59. 

  59. int curl_features;
    60. 

  60. unsigned int curl_version_number;
    61. 

  61. bool accept_https;
    62. 

  62. int force_5chnet = 1;
    63. 

  63. int force_5chnet_https;
    64. 

  64. int force_ipv4;
    65. 

  65. char *bbsmenu_url;
    66. 

  66. char *api_server;
    67. 

  67. std::map<std::string, std::string> bbscgi_headers;
    68. 

  68. int gikofix;
    69. 

  69. CURLSH *curl_share;
    70. 

  70. char *lua_script;
    71. 

  71. unsigned int api_mode = 3;
    72. 

  72. unsigned int mitm_mode = 0;
    73. 

  73. std::vector<std::string> bbscgi_postorder;
    74. 

  74. unsigned int bbscgi_utf8 = 1;
    75. 

  75. int api_override;
    76. 

  76. static pthread_mutex_t lockarray[NUM_LOCKS];
    77. 

  77. 

  78. void log_printf(int level, const char *format ...)
    79. 

  79. {
    80. 

  80. 	if(level > verbosity) return;
    81. 

  81. 	va_list argp;
    82. 

  82. 	va_start(argp, format);
    83. 

  83. 	vfprintf(stderr, format, argp);
    84. 

  84. 	va_end(argp);
    85. 

  85. 	fflush(stderr);
    86. 

  86. }
    87. 

  87. 

  88. struct listener {
    89. 

  89. 	int port;
    90. 

  90. 	int sock_listener;
    91. 

  91. 	struct sockaddr_in addr_listener;
    92. 

  92. };
    93. 

  93. 

  94. static void usage(void)
    95. 

  95. {
    96. 

  96. 	fprintf(stderr,"usage: proxy2ch [OPTIONS]\n");
    97. 

  97. 	fprintf(stderr,"available options:\n");
    98. 

  98. 	fprintf(stderr,"    -p <port> : Listen on port <port> (default: %d)\n",PORT);
    99. 

  99. 	fprintf(stderr,"    -t <timeout> : Set connection timeout to <timeout> seconds (default: %ld)\n",timeout);
    100. 

  100. 	fprintf(stderr,"    -a <user-agent> : Overwrite user-agent for connection\n");
    101. 

  101. 	fprintf(stderr,"    -g : Accept all incoming connections (default: localhost only)\n");
    102. 

  102. 	fprintf(stderr,"    -c : Accept HTTP CONNECT method (act as an HTTPS proxy)\n");
    103. 

  103. 	fprintf(stderr,"    -4 : Force IPv4 DNS resolution\n");
    104. 

  104. 	fprintf(stderr,"    -b <backlog> : Set backlog value to <backlog> for listen() (default: %d)\n",BACKLOG);
    105. 

  105. 	fprintf(stderr,"    -s : Force https connection for 5ch.net/bbspink.com URLs\n");
    106. 

  106. 	fprintf(stderr,"    --proxy <server:port> : Use proxy <server:port> for connection\n");
    107. 

  107. 	fprintf(stderr,"    --api <AppKey:HmacKey> : Use API for reading/posting\n");
    108. 

  108. 	fprintf(stderr,"    --api-usage <read|post|all> : Specify operations where API is used (default: all)\n");
    109. 

  109. 	fprintf(stderr,"    --api-auth-ua <user-agent> : Specify user-agent for API authentication\n");
    110. 

  110. 	fprintf(stderr,"    --api-dat-ua <user-agent> : Specify user-agent for dat retrieving via API\n");
    111. 

  111. 	fprintf(stderr,"    --api-auth-xua <X-2ch-UA> : Specify X-2ch-UA for API authentication\n");
    112. 

  112. 	fprintf(stderr,"    --api-dat-xua <X-2ch-UA> : Specify X-2ch-UA for dat retrieving via API\n");
    113. 

  113. 	fprintf(stderr,"    --api-server <server> : Specify gateway server for API\n");
    114. 

  114. 	fprintf(stderr,"    --api-override : Add support for overriding requests which already use API for dat retrieving\n");
    115. 

  115. 	fprintf(stderr,"    --bbsmenu <URL> : Replace \"5ch.net\" occurrences in links for URL\n");
    116. 

  116. 	fprintf(stderr,"    --chunked : Preserve \"chunked\" transfer encoding\n");
    117. 

  117. 	fprintf(stderr,"    --bbscgi-header <header: value> : Force replace header when sending request to bbs.cgi\n");
    118. 

  118. 	fprintf(stderr,"    --bbscgi-postorder <field1,field2,...> : Specify a field order in request body being sent to bbs.cgi\n");
    119. 

  119. 	fprintf(stderr,"    --bbscgi-utf8 <none|api|all> : Specify whether a request body being sent to bbs.cgi should be converted to UTF-8\n");
    120. 

  120. #ifdef USE_LUA
    121. 

  121. 	fprintf(stderr,"    --bbscgi-lua <path> : Process request header/body being sent to bbs.cgi with a Lua script at <path>\n");
    122. 

  122. #endif
    123. 

  123. 	fprintf(stderr,"    --verbose : Print logs in detail\n");
    124. 

  124. 	fprintf(stderr,"    --gikofix : Fix invalid HTTP POST body (for gikoNavi)\n");
    125. 

  125. #ifndef NO_THREAD_POOL
    126. 

  126. 	fprintf(stderr,"    --num-threads <num> : Specify number of threads in a thread pool\n");
    127. 

  127. #endif
    128. 

  128. #ifdef USE_MITM
    129. 

  129. 	fprintf(stderr,"    --mitm <minimal|all> : Act as MITM proxy when -c option is given (experimental)\n");
    130. 

  130. 	fprintf(stderr,"    --mitm-ca-cert <certpath> : Specify CA certificate in PEM format for MITM proxy\n");
    131. 

  131. 	fprintf(stderr,"    --mitm-ca-key <keypath> : Specify CA private key in PEM format for MITM proxy\n");
    132. 

  132. 	fprintf(stderr,"    --mitm-certgen : Generate self-signed CA certificate and private key, print them in PEM format, and exit\n");
    133. 

  133. #endif
    134. 

  134. }
    135. 

  135. 

  136. static void *threadMainLoop(void *param)
    137. 

  137. {
    138. 

  138. #ifndef _WIN32
    139. 

  139. 	sigset_t signalsToIgnore;
    140. 

  140. 	sigemptyset(&signalsToIgnore);
    141. 

  141. 	sigaddset(&signalsToIgnore, SIGPIPE);
    142. 

  142. 	if (-1 == pthread_sigmask(SIG_BLOCK, &signalsToIgnore, NULL)) {
    143. 

  143. 		perror("pthread_sigmask");
    144. 

  144. 		return NULL;
    145. 

  145. 	}
    146. 

  146. #endif
    147. 

  147. 	CURL *curl = curl_easy_init();
    148. 

  148. #ifndef NO_THREAD_POOL
    149. 

  149. 	BBS2chProxyThreadPool<PBBS2chProxyConnection> *pool = reinterpret_cast<BBS2chProxyThreadPool<PBBS2chProxyConnection> *>(param);
    150. 

  150. #ifndef NO_CURL_REUSE_HTTPS
    151. 

  151. 	bool canReuseHttps = curl_version_number >= 0x75000; /* 7.80.0 and later */
    152. 

  152. #else
    153. 

  153. 	bool canReuseHttps = false;
    154. 

  154. #endif
    155. 

  155. 	pool->lock();
    156. 

  156. 	curl_handles.push(curl);
    157. 

  157. 	pool->unlock();
    158. 

  158. 	while (1) {
    159. 

  159. 		PBBS2chProxyConnection connection;
    160. 

  160. 		if (pool->getAndLock(&connection) != 0) {
    161. 

  161. 			curl = curl_handles.top();
    162. 

  162. 			curl_handles.pop();
    163. 

  163. 			pool->unlock();
    164. 

  164. 			break;
    165. 

  165. 		}
    166. 

  166. 		connection->curl = curl_handles.top();
    167. 

  167. 		curl_handles.pop();
    168. 

  168. 		pool->unlock();
    169. 

  169. 		connection->connect();
    170. 

  170. 		pool->lock();
    171. 

  171. 		/* curl_easy_reset does not necessaryly release unused TLS contexts, and
    172. 

  172. 		   it results in waste of memory. This issue seems to be fixed in curl
    173. 

  173. 		   7.80.0 and later, but in the earlier versions the logic below might
    174. 

  174. 		   be useful to reduce memory consumption.
    175. 

  175. 		   Ref: https://github.com/curl/curl/issues/7683 */
    176. 

  176. 		/*if (curl_handles.size() + 2 < num_threads && pool->countInQueue() == 0) {
    177. 

  177. 			curl_easy_cleanup(connection->curl);
    178. 

  178. 			connection->curl = curl_easy_init();
    179. 

  179. 		}*/
    180. 

  180. 		if (!canReuseHttps && connection->isHttps) {
    181. 

  181. 			curl_easy_cleanup(connection->curl);
    182. 

  182. 			connection->curl = curl_easy_init();
    183. 

  183. 		}
    184. 

  184. 		curl_handles.push(connection->curl);
    185. 

  185. 		pool->unlock();
    186. 

  186. 	}
    187. 

  187. #else
    188. 

  188. 	BBS2chProxyConnection *connection = reinterpret_cast<BBS2chProxyConnection *>(param);
    189. 

  189. 	connection->curl = curl;
    190. 

  190. 	connection->connect();
    191. 

  191. 	delete connection;
    192. 

  192. #endif
    193. 

  193. 	curl_easy_cleanup(curl);
    194. 

  194. 	return NULL;
    195. 

  195. }
    196. 

  196. 

  197. static void *listen(void *param)
    198. 

  198. {
    199. 

  199. 	struct listener *listener = (struct listener *)param;
    200. 

  200. 	log_printf(0,"Listening on port %d...\n",listener->port);
    201. 

  201. 	if(listener->addr_listener.sin_addr.s_addr == INADDR_ANY) {
    202. 

  202. 		log_printf(0,"WARNING: proxy accepts all incoming connections!\n");
    203. 

  203. 	}
    204. 

  204. 	fflush(stderr);
    205. 

  205. 	int sock_c;
    206. 

  206. 	pthread_mutex_t mutex, mutex2;
    207. 

  207. 	BBS2chProxyThreadCache cache;
    208. 

  208. 	socklen_t addrlen = sizeof(listener->addr_listener);
    209. 

  209. 	
    210. 

  210. 	pthread_mutex_init(&mutex, NULL);
    211. 

  211. 	pthread_mutex_init(&mutex2, NULL);
    212. 

  212. 	BBS2chProxyAuth auth(&mutex2);
    213. 

  213. #ifndef NO_THREAD_POOL
    214. 

  214. 	BBS2chProxyThreadPool<PBBS2chProxyConnection> pool(num_threads);
    215. 

  215. 	pool.run(threadMainLoop);
    216. 

  216. #endif
    217. 

  217. 	
    218. 

  218. 	while(1) {
    219. 

  219. 		if (-1 == (sock_c = accept(listener->sock_listener, (struct sockaddr *)&listener->addr_listener, &addrlen))) {
    220. 

  220. 			perror("accept");
    221. 

  221. 			continue;
    222. 

  222. 		}
    223. 

  223. 		//fprintf(stderr,"accepted\n");
    224. 

  224. #ifndef NO_THREAD_POOL
    225. 

  225. 		PBBS2chProxyConnection connection(new BBS2chProxyConnection(sock_c, &cache, &auth, &mutex));
    226. 

  226. 		pool.add(connection);
    227. 

  227. #else
    228. 

  228. 		BBS2chProxyConnection *connection = new BBS2chProxyConnection(sock_c, &cache, &auth, &mutex);
    229. 

  229. 		connection->run(threadMainLoop);
    230. 

  230. #endif
    231. 

  231. 	}
    232. 

  232. 	
    233. 

  233. 	pthread_mutex_destroy(&mutex);
    234. 

  234. 	pthread_mutex_destroy(&mutex2);
    235. 

  235. }
    236. 

  236. 

  237. static void lock_cb(CURL *handle, curl_lock_data data, curl_lock_access access, void *userptr)
    238. 

  238. {
    239. 

  239. 	pthread_mutex_lock(&lockarray[data]);
    240. 

  240. }
    241. 

  241. 

  242. static void unlock_cb(CURL *handle, curl_lock_data data, void *userptr)
    243. 

  243. {
    244. 

  244. 	pthread_mutex_unlock(&lockarray[data]);
    245. 

  245. }
    246. 

  246. 

  247. static void init_locks(void)
    248. 

  248. {
    249. 

  249. 	int i;
    250. 

  250. 	for(i = 0; i< NUM_LOCKS; i++)
    251. 

  251. 		pthread_mutex_init(&lockarray[i], NULL);
    252. 

  252. }
    253. 

  253. 

  254. int main(int argc, char *argv[])
    255. 

  255. {
    256. 

  256. 	struct listener listener;
    257. 

  257. 	int	ch;
    258. 

  258. 	extern char	*optarg;
    259. 

  259. 	extern int optind, opterr;
    260. 

  260. 	int option_index;
    261. 

  261. 	bool global = false;
    262. 

  262. 	int backlog = BACKLOG;
    263. 

  263. 	const char *certpath = NULL, *keypath = NULL;
    264. 

  264. 	struct option options[] = {
    265. 

  265. 		{"proxy", 1, NULL, 0},
    266. 

  266. 		{"api", 1, NULL, 0},
    267. 

  267. 		{"api-auth-ua", 1, NULL, 0},
    268. 

  268. 		{"api-dat-ua", 1, NULL, 0},
    269. 

  269. 		{"api-auth-xua", 1, NULL, 0},
    270. 

  270. 		{"api-dat-xua", 1, NULL, 0},
    271. 

  271. 		{"api-server", 1, NULL, 0},
    272. 

  272. 		{"api-usage", 1, NULL, 0},
    273. 

  273. 		{"api-override", 0, NULL, 0},
    274. 

  274. 		{"bbsmenu", 1, NULL, 0},
    275. 

  275. 		{"chunked", 0, NULL, 0},
    276. 

  276. 		{"verbose", 0, NULL, 0},
    277. 

  277. 		{"debug", 0, NULL, 0},
    278. 

  278. 		{"bbscgi-header", 1, NULL, 0},
    279. 

  279. 		{"bbscgi-postorder", 1, NULL, 0},
    280. 

  280. 		{"bbscgi-utf8", 1, NULL, 0},
    281. 

  281. #ifdef USE_LUA
    282. 

  282. 		{"bbscgi-lua", 1, NULL, 0},
    283. 

  283. #endif
    284. 

  284. 		{"gikofix", 0, NULL, 0},
    285. 

  285. #ifdef USE_MITM
    286. 

  286. 		{"mitm", 1, NULL, 0},
    287. 

  287. 		{"mitm-ca-cert", 1, NULL, 0},
    288. 

  288. 		{"mitm-ca-key", 1, NULL, 0},
    289. 

  289. 		{"mitm-certgen", 0, NULL, 0},
    290. 

  290. #endif
    291. 

  291. #ifndef NO_THREAD_POOL
    292. 

  292. 		{"num-threads", 1, NULL, 0},
    293. 

  293. #endif
    294. 

  294. 		{0, 0, 0, 0}
    295. 

  295. 	};
    296. 

  296. 	
    297. 

  297. 	curl_global_init(CURL_GLOBAL_DEFAULT);
    298. 

  298. 	curl_version_info_data *data = curl_version_info(CURLVERSION_NOW);
    299. 

  299. 	curl_features = data->features;
    300. 

  300. 	curl_version_number = data->version_num;
    301. 

  301. 	if(data->version_num >= 0x074400) { /* version 7.68.0 or later */
    302. 

  302. 		init_locks();
    303. 

  303. 		curl_share = curl_share_init();
    304. 

  304. 		curl_share_setopt(curl_share, CURLSHOPT_LOCKFUNC, lock_cb);
    305. 

  305. 		curl_share_setopt(curl_share, CURLSHOPT_UNLOCKFUNC, unlock_cb);
    306. 

  306. 		curl_share_setopt(curl_share, CURLSHOPT_SHARE, CURL_LOCK_DATA_DNS);
    307. 

  307. #if LIBCURL_VERSION_NUM >= 0x070a03
    308. 

  308. 		curl_share_setopt(curl_share, CURLSHOPT_SHARE, CURL_LOCK_DATA_SSL_SESSION);
    309. 

  309. #endif
    310. 

  310. /* Shared connection cache is still buggy at the moment!
    311. 

  311.    See https://github.com/curl/curl/issues/4915 */
    312. 

  312. #if 0 && LIBCURL_VERSION_NUM >= 0x073900
    313. 

  313. 		curl_share_setopt(curl_share, CURLSHOPT_SHARE, CURL_LOCK_DATA_CONNECT);
    314. 

  314. #endif
    315. 

  315. 	}
    316. 

  316. 	log_printf(0,"proxy2ch version %s with curl %s (TLS/SSL backend: %s)\n",VERSION,data->version,data->ssl_version);
    317. 

  317. #ifdef USE_LUA
    318. 

  318. 	log_printf(0,"Scripting enabled with " LUA_RELEASE "\n");
    319. 

  319. #endif
    320. 

  320. 	
    321. 

  321. 	memset(&listener, 0, sizeof(listener));
    322. 

  322. 	listener.port = PORT;
    323. 

  323. 	api_server = strdup("api.5ch.net");
    324. 

  324. 	
    325. 

  325. 	while ((ch = getopt_long(argc, argv, "p:t:ha:gc4b:s", options, &option_index)) != -1) {
    326. 

  326. 		switch (ch) {
    327. 

  327. 			case 0:
    328. 

  328. 				if(!strcmp(options[option_index].name, "proxy")) {
    329. 

  329. 					char *ptr = strchr(optarg, '@');
    330. 

  330. 					if(!ptr) {
    331. 

  331. 						ptr = strstr(optarg, "://");
    332. 

  332. 						if(ptr) ptr = strchr(ptr+3,':');
    333. 

  333. 						else ptr = strchr(optarg,':');
    334. 

  334. 					}
    335. 

  335. 					else ptr = strchr(ptr+1,':');
    336. 

  336. 					if(!ptr) {
    337. 

  337. 						fprintf(stderr,"Proxy port is not specified, as --proxy=server:port\n");
    338. 

  338. 						return -1;
    339. 

  339. 					}
    340. 

  340. 					proxy_server = (char *)malloc(ptr-optarg+1);
    341. 

  341. 					proxy_port = atoi(ptr+1);
    342. 

  342. 					memcpy(proxy_server,optarg,ptr-optarg);
    343. 

  343. 					proxy_server[ptr-optarg] = 0;
    344. 

  344. 					if(!strncasecmp(optarg,"socks4://",9)) proxy_type = CURLPROXY_SOCKS4;
    345. 

  345. 					else if(!strncasecmp(optarg,"socks5://",9)) proxy_type = CURLPROXY_SOCKS5;
    346. 

  346. #if LIBCURL_VERSION_NUM >= 0x071200
    347. 

  347. 					else if(!strncasecmp(optarg,"socks4a://",10)) proxy_type = CURLPROXY_SOCKS4A;
    348. 

  348. 					else if(!strncasecmp(optarg,"socks5h://",10)) proxy_type = CURLPROXY_SOCKS5_HOSTNAME;
    349. 

  349. #endif
    350. 

  350. 				}
    351. 

  351. 				else if(!strcmp(options[option_index].name, "api")) {
    352. 

  352. 					if((curl_features & CURL_VERSION_SSL) == 0) {
    353. 

  353. 						fprintf(stderr,"Your libcurl doesn't support HTTPS; API mode cannot be enabled.\n");
    354. 

  354. 						return -1;
    355. 

  355. 					}
    356. 

  356. 					char *ptr = strchr(optarg, ':');
    357. 

  357. 					if(!ptr) {
    358. 

  358. 						fprintf(stderr,"API keys should be provided as AppKey:HmacKey\n");
    359. 

  359. 						return -1;
    360. 

  360. 					}
    361. 

  361. 					appKey = (char *)malloc(ptr-optarg+1);
    362. 

  362. 					memcpy(appKey,optarg,ptr-optarg);
    363. 

  363. 					appKey[ptr-optarg] = 0;
    364. 

  364. 					char *start = ptr+1;
    365. 

  365. 					ptr = strchr(start, ':');
    366. 

  366. 					if(!ptr) ptr = strchr(optarg, 0);
    367. 

  367. 					hmacKey = (char *)malloc(ptr-start+1);
    368. 

  368. 					memcpy(hmacKey,start,ptr-start);
    369. 

  369. 					hmacKey[ptr-start] = 0;
    370. 

  370. 					/*if(*ptr) {
    371. 

  371. 						x_2ch_ua = (char *)malloc(strlen(ptr+1)+11);
    372. 

  372. 						sprintf(x_2ch_ua,"X-2ch-UA: %s",ptr+1);
    373. 

  373. 					}*/
    374. 

  374. 					//fprintf(stderr,"%s,%s,%s\n",appKey,hmacKey,x_2ch_ua);
    375. 

  375. 					//return 0;
    376. 

  376. 				}
    377. 

  377. 				else if(!strcmp(options[option_index].name, "api-auth-ua")) {
    378. 

  378. 					api_ua_auth = (char *)malloc(strlen(optarg)+1);
    379. 

  379. 					strcpy(api_ua_auth,optarg);
    380. 

  380. 				}
    381. 

  381. 				else if(!strcmp(options[option_index].name, "api-dat-ua")) {
    382. 

  382. 					api_ua_dat = (char *)malloc(strlen(optarg)+1);
    383. 

  383. 					strcpy(api_ua_dat,optarg);
    384. 

  384. 				}
    385. 

  385. 				else if(!strcmp(options[option_index].name, "api-auth-xua")) {
    386. 

  386. 					x_2ch_ua_auth = (char *)malloc(strlen(optarg)+11);
    387. 

  387. 					sprintf(x_2ch_ua_auth,"X-2ch-UA: %s",optarg);
    388. 

  388. 				}
    389. 

  389. 				else if(!strcmp(options[option_index].name, "api-dat-xua")) {
    390. 

  390. 					x_2ch_ua_dat = (char *)malloc(strlen(optarg)+11);
    391. 

  391. 					sprintf(x_2ch_ua_dat,"X-2ch-UA: %s",optarg);
    392. 

  392. 				}
    393. 

  393. 				else if(!strcmp(options[option_index].name, "chunked")) {
    394. 

  394. 					allow_chunked = 1;
    395. 

  395. 				}
    396. 

  396. 				else if(!strcmp(options[option_index].name, "verbose")) {
    397. 

  397. 					verbosity = 1;
    398. 

  398. 				}
    399. 

  399. 				else if(!strcmp(options[option_index].name, "debug")) {
    400. 

  400. 					verbosity = 5;
    401. 

  401. 				}
    402. 

  402. 				else if(!strcmp(options[option_index].name, "bbsmenu")) {
    403. 

  403. 					bbsmenu_url = (char *)malloc(strlen(optarg)+1);
    404. 

  404. 					strcpy(bbsmenu_url, optarg);
    405. 

  405. 				}
    406. 

  406. 				else if(!strcmp(options[option_index].name, "api-server")) {
    407. 

  407. 					if(api_server) free(api_server);
    408. 

  408. 					api_server = (char *)malloc(strlen(optarg)+1);
    409. 

  409. 					strcpy(api_server, optarg);
    410. 

  410. 				}
    411. 

  411. 				else if(!strcmp(options[option_index].name, "bbscgi-header")) {
    412. 

  412. 					char *ptr = strchr(optarg, ':');
    413. 

  413. 					if(!ptr) break;
    414. 

  414. 					char *header = (char *)malloc(ptr-optarg+1);
    415. 

  415. 					memcpy(header,optarg,ptr-optarg);
    416. 

  416. 					header[ptr-optarg] = 0;
    417. 

  417. 					char *value = ptr+1;
    418. 

  418. 					ptr = header+(ptr-optarg-1);
    419. 

  419. 					while(*ptr == ' ') *ptr-- = 0;
    420. 

  420. 					while(*value == ' ') value++;
    421. 

  421. 					bbscgi_headers[header] = value;
    422. 

  422. 					free(header);
    423. 

  423. 				}
    424. 

  424. 				else if(!strcmp(options[option_index].name, "bbscgi-postorder")) {
    425. 

  425. 					const char *ptr = optarg;
    426. 

  426. 					while(*ptr == ' ') ptr++;
    427. 

  427. 					while(*ptr) {
    428. 

  428. 						const char *end = strchr(ptr, ',');
    429. 

  429. 						if(end) {
    430. 

  430. 							const char *next = end + 1;
    431. 

  431. 							if(end > ptr) {
    432. 

  432. 								end--;
    433. 

  433. 								while(*end == ' ' && end > ptr) end--;
    434. 

  434. 								bbscgi_postorder.push_back(std::string(ptr, end-ptr+1));
    435. 

  435. 							}
    436. 

  436. 							ptr = next;
    437. 

  437. 							while(*ptr == ' ') ptr++;
    438. 

  438. 							continue;
    439. 

  439. 						}
    440. 

  440. 						end = strchr(ptr, 0);
    441. 

  441. 						while(*end == ' ' && end > ptr) end--;
    442. 

  442. 						if(end > ptr) bbscgi_postorder.push_back(std::string(ptr, end-ptr));
    443. 

  443. 						break;
    444. 

  444. 					}
    445. 

  445. 				}
    446. 

  446. 				else if(!strcmp(options[option_index].name, "bbscgi-utf8")) {
    447. 

  447. 					if(!strcmp(optarg, "none")) bbscgi_utf8 = 0;
    448. 

  448. 					else if(!strcmp(optarg, "api")) bbscgi_utf8 = 1;
    449. 

  449. 					else if(!strcmp(optarg, "all")) bbscgi_utf8 = 2;
    450. 

  450. 					else {
    451. 

  451. 						fprintf(stderr, "A value for --bbscgi-utf8 must be one of [none, api, all]\n");
    452. 

  452. 						return -1;
    453. 

  453. 					}
    454. 

  454. 				}
    455. 

  455. #ifdef USE_LUA
    456. 

  456. 				else if(!strcmp(options[option_index].name, "bbscgi-lua")) {
    457. 

  457. 					lua_script = (char *)malloc(strlen(optarg)+1);
    458. 

  458. 					strcpy(lua_script, optarg);
    459. 

  459. 				}
    460. 

  460. #endif
    461. 

  461. 				else if(!strcmp(options[option_index].name, "gikofix")) {
    462. 

  462. 					gikofix = 1;
    463. 

  463. 				}
    464. 

  464. 				else if(!strcmp(options[option_index].name, "api-usage")) {
    465. 

  465. 					if(!strcmp(optarg, "read")) api_mode = 1;
    466. 

  466. 					else if(!strcmp(optarg, "post")) api_mode = 2;
    467. 

  467. 					else if(!strcmp(optarg, "postinclpink")) api_mode = 4;
    468. 

  468. 					else if(!strcmp(optarg, "all")) api_mode = 3;
    469. 

  469. 					else if(!strcmp(optarg, "allinclpink")) api_mode = 5;
    470. 

  470. 					else {
    471. 

  471. 						fprintf(stderr, "A value for --api-usage must be one of [read, post, postinclpink, all, allinclpink]\n");
    472. 

  472. 						return -1;
    473. 

  473. 					}
    474. 

  474. 				}
    475. 

  475. 				else if(!strcmp(options[option_index].name, "api-override")) {
    476. 

  476. 					api_override = 1;
    477. 

  477. 				}
    478. 

  478. #ifdef USE_MITM
    479. 

  479. 				else if(!strcmp(options[option_index].name, "mitm")) {
    480. 

  480. 					if(!strcmp(optarg, "minimal")) mitm_mode = 1;
    481. 

  481. 					else if(!strcmp(optarg, "all")) mitm_mode = 2;
    482. 

  482. 					else {
    483. 

  483. 						fprintf(stderr, "A value for --mitm must be one of [minimal, all]\n");
    484. 

  484. 						return -1;
    485. 

  485. 					}
    486. 

  486. 				}
    487. 

  487. 				else if(!strcmp(options[option_index].name, "mitm-ca-cert")) {
    488. 

  488. 					certpath = optarg;
    489. 

  489. 				}
    490. 

  490. 				else if(!strcmp(options[option_index].name, "mitm-ca-key")) {
    491. 

  491. 					keypath = optarg;
    492. 

  492. 				}
    493. 

  493. 				else if(!strcmp(options[option_index].name, "mitm-certgen")) {
    494. 

  494. 					BBS2chProxySecureSocket::generateAndPrintSelfSignedCertificate();
    495. 

  495. 					return 0;
    496. 

  496. 				}
    497. 

  497. #endif
    498. 

  498. #ifndef NO_THREAD_POOL
    499. 

  499. 				else if(!strcmp(options[option_index].name, "num-threads")) {
    500. 

  500. 					int num = atoi(optarg);
    501. 

  501. 					if (num < 1) {
    502. 

  502. 						fprintf(stderr, "Number of threads must be greater than 0\n");
    503. 

  503. 						return -1;
    504. 

  504. 					}
    505. 

  505. 					if (num > 64) {
    506. 

  506. 						fprintf(stderr, "Number of threads must be less than or equal to 64\n");
    507. 

  507. 						return -1;
    508. 

  508. 					}
    509. 

  509. 					num_threads = num;
    510. 

  510. 				}
    511. 

  511. #endif
    512. 

  512. 				break;
    513. 

  513. 			case 'p':
    514. 

  514. 				listener.port = atoi(optarg);
    515. 

  515. 				break;
    516. 

  516. 			case 't':
    517. 

  517. 				timeout = atoi(optarg);
    518. 

  518. 				break;
    519. 

  519. 			case 'a':
    520. 

  520. 				user_agent = (char *)malloc(strlen(optarg)+1);
    521. 

  521. 				strcpy(user_agent, optarg);
    522. 

  522. 				break;
    523. 

  523. 			case 'g':
    524. 

  524. 				global = true;
    525. 

  525. 				break;
    526. 

  526. 			case 'c':
    527. 

  527. 				accept_https = true;
    528. 

  528. 				break;
    529. 

  529. 			case '4':
    530. 

  530. 				force_ipv4 = 1;
    531. 

  531. 				break;
    532. 

  532. 			case 'b':
    533. 

  533. 				backlog = atoi(optarg);
    534. 

  534. 				break;
    535. 

  535. 			case 's':
    536. 

  536. 				if((curl_features & CURL_VERSION_SSL) == 0) {
    537. 

  537. 					fprintf(stderr,"Your libcurl doesn't support HTTPS; it does not work with -s option.\n");
    538. 

  538. 					return -1;
    539. 

  539. 				}
    540. 

  540. 				if(strstr(data->ssl_version, "OpenSSL/0") || strstr(data->ssl_version, "OpenSSL/1.0") ||
    541. 

  541. 				   (strstr(data->ssl_version, "LibreSSL/2") && !strstr(data->ssl_version, "LibreSSL/2.9"))) {
    542. 

  542. 					fprintf(stderr,
    543. 

  543. 						"WARNING: OpenSSL < 1.1.0 and LibreSSL < 2.9.0 aren't thread-safe without setting callbacks for mutex. "
    544. 

  544. 						"It may cause unintended crashes when many requests are incoming at the same time.\n");
    545. 

  545. 				}
    546. 

  546. 				force_5chnet_https = 1;
    547. 

  547. 				break;
    548. 

  548. 			default:
    549. 

  549. 				usage();
    550. 

  550. 				return 0;
    551. 

  551. 		}
    552. 

  552. 	}
    553. 

  553. 	if (api_override && !appKey) {
    554. 

  554. 		fprintf(stderr, "WARNING: --api-override option requires an API key.\n");
    555. 

  555. 	}
    556. 

  556. #ifdef USE_MITM
    557. 

  557. 	if (mitm_mode) {
    558. 

  558. 		if (!certpath || !keypath) {
    559. 

  559. 			fprintf(stderr, "MITM is enabled but certificate and/or key is not given.\n");
    560. 

  560. 			return -1;
    561. 

  561. 		}
    562. 

  562. 		if (BBS2chProxySecureSocket::initializeCerts(certpath, keypath) != 0) {
    563. 

  563. 			fprintf(stderr, "MITM is enabled but given certificate and/or key is invalid.\n");
    564. 

  564. 			return -1;
    565. 

  565. 		}
    566. 

  566. 		if (!accept_https) {
    567. 

  567. 			fprintf(stderr, "WARNING: --mitm option is given but -c is not given. MITM mode is disabled.\n");
    568. 

  568. 		}
    569. 

  569. 	}
    570. 

  570. #endif
    571. 

  571. 	log_printf(0, "Global User-Agent: %s\n",user_agent?user_agent:"n/a");
    572. 

  572. 	if(appKey) {
    573. 

  573. 		log_printf(0, "Use API for:");
    574. 

  574. 		if (api_mode & 1) log_printf(0, " reading");
    575. 

  575. 		if (api_mode & 2) log_printf(0, " posting");
    576. 

  576. 		if (api_mode & 4) log_printf(0, " posting (including bbspink)");
    577. 

  577. 		log_printf(0, "\n");
    578. 

  578. 		if (api_mode & 1) {
    579. 

  579. 			const char *altUserAgent = "";
    580. 

  580. 			if (user_agent && !strncmp(user_agent, "Monazilla/", strlen("Monazilla/"))) altUserAgent = user_agent;
    581. 

  581. 			log_printf(0, "API gateway server: %s\n",api_server);
    582. 

  582. 			log_printf(0, "User-Agent (for API authentication): %s\n",api_ua_auth?api_ua_auth:altUserAgent);
    583. 

  583. 			log_printf(0, "User-Agent (for API dat retrieving): %s\n",api_ua_dat?api_ua_dat:altUserAgent);
    584. 

  584. 			log_printf(0, "X-2ch-UA (for API authentication): %s\n",x_2ch_ua_auth?x_2ch_ua_auth+10:"");
    585. 

  585. 			log_printf(0, "X-2ch-UA (for API dat retrieving): %s\n",x_2ch_ua_dat?x_2ch_ua_dat+10:"");
    586. 

  586. 		}
    587. 

  587. 	}
    588. 

  588. 	if(!bbscgi_headers.empty()) {
    589. 

  589. 		log_printf(0, "Custom headers for bbs.cgi:\n");
    590. 

  590. 		for(std::map<std::string, std::string>::iterator it = bbscgi_headers.begin(); it!=bbscgi_headers.end(); it++) {
    591. 

  591. 			log_printf(0, "  %s: %s\n", it->first.c_str(), it->second.c_str());
    592. 

  592. 		}
    593. 

  593. 	}
    594. 

  594. 	if(lua_script) {
    595. 

  595. 		log_printf(0, "Use Lua script %s for bbs.cgi request modification\n", lua_script);
    596. 

  596. 	}
    597. 

  597. 	if(proxy_server) {
    598. 

  598. 		log_printf(0,"Use proxy %s:%ld for connection\n",proxy_server,proxy_port);
    599. 

  599. 	}
    600. 

  600. 

  601. 	BBS2chProxyConnection::compileRegex();
    602. 

  602. 	
    603. 

  603. #ifdef _WIN32
    604. 

  604. 	WSADATA wsaData;
    605. 

  605. 	if (WSAStartup(MAKEWORD(2, 0), &wsaData) == SOCKET_ERROR) {
    606. 

  606. 		fprintf(stderr, "WSAStartup: error initializing WSA.\n");
    607. 

  607. 		return -1;
    608. 

  608. 	}
    609. 

  609. #endif
    610. 

  610. 	
    611. 

  611. 	listener.addr_listener.sin_family = AF_INET;
    612. 

  612. 	if(global) listener.addr_listener.sin_addr.s_addr = INADDR_ANY;
    613. 

  613. 	else listener.addr_listener.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    614. 

  614. 	listener.addr_listener.sin_port = htons(listener.port);
    615. 

  615. 	
    616. 

  616. #ifdef _WIN32
    617. 

  617. 	if ((listener.sock_listener = WSASocket(AF_INET, SOCK_STREAM, IPPROTO_TCP, NULL, 0, 0)) == INVALID_SOCKET) {
    618. 

  618. 		fprintf(stderr,"WSASocket: socket initialize error\n");
    619. 

  619. 		return -1;
    620. 

  620. 	}
    621. 

  621. #else
    622. 

  622. 	if (-1 == (listener.sock_listener = socket(AF_INET, SOCK_STREAM, 0))) {
    623. 

  623. 		perror("socket");
    624. 

  624. 		return -1;
    625. 

  625. 	}
    626. 

  626. #endif
    627. 

  627. 	
    628. 

  628. 	int optval=1;
    629. 

  629. 	setsockopt(listener.sock_listener, SOL_SOCKET, SO_REUSEADDR, (char *)&optval, sizeof(optval));
    630. 

  630. #ifdef _WIN32
    631. 

  631. 	optval = SO_SYNCHRONOUS_NONALERT;
    632. 

  632. 	setsockopt(INVALID_SOCKET, SOL_SOCKET, SO_OPENTYPE, (char *)&optval, sizeof(optval));
    633. 

  633. #endif
    634. 

  634. 	
    635. 

  635. 	socklen_t addrlen = sizeof(listener.addr_listener);
    636. 

  636. 	if (-1 == bind(listener.sock_listener, (struct sockaddr *)&listener.addr_listener, addrlen)) {
    637. 

  637. 		perror("bind");
    638. 

  638. 		return -1;
    639. 

  639. 	}
    640. 

  640. 	
    641. 

  641. 	if (-1 == listen(listener.sock_listener, backlog)) {
    642. 

  642. 		perror("listen");
    643. 

  643. 		return -1;
    644. 

  644. 	}
    645. 

  645. 	
    646. 

  646. 	if (-1 == getsockname(listener.sock_listener, (struct sockaddr *)&listener.addr_listener, &addrlen)) {
    647. 

  647. 		perror("getsockname");
    648. 

  648. 		return -1;
    649. 

  649. 	}
    650. 

  650. 	
    651. 

  651. #ifndef _WIN32
    652. 

  652. 	struct sigaction sa;
    653. 

  653. 	memset(&sa, 0, sizeof(sa));
    654. 

  654. 	sa.sa_handler = SIG_IGN;
    655. 

  655. 	sigemptyset(&sa.sa_mask);
    656. 

  656. 	if (-1 == sigaction(SIGPIPE, &sa, NULL)) {
    657. 

  657. 		perror("sigaction");
    658. 

  658. 		return -1;
    659. 

  659. 	}
    660. 

  660. #endif
    661. 

  661. 

  662. #if 0
    663. 

  663. 	pthread_t thread_listener;
    664. 

  664. 	if(0 != pthread_create(&thread_listener , NULL , listen , &listener))
    665. 

  665. 		perror("pthread_create");
    666. 

  666. 	pthread_join(thread_listener, NULL);
    667. 

  667. #else
    668. 

  668. 	listen(&listener);
    669. 

  669. #endif
    670. 

  670. 	return 0;
    671. 

  671. }
    672. 

  672.