From 8a317800ef6ae1bd6c013d9ba93bd1e1888c31b7 Mon Sep 17 00:00:00 2001 From: Marek Rost Date: Tue, 19 Jun 2018 17:55:14 +0200 Subject: [PATCH] added username/password authentication according to RFC 1929 --- config.php | 3 +++ start.php | 63 ++++++++++++++++++++++++++++++++++++++++++++---------- 2 files changed, 55 insertions(+), 11 deletions(-) create mode 100644 config.php diff --git a/config.php b/config.php new file mode 100644 index 0000000..540540a --- /dev/null +++ b/config.php @@ -0,0 +1,3 @@ +$AUTH_ENABLED = 0; +$USERNAME = 'changeme'; +$PASSWORD = '1234'; diff --git a/start.php b/start.php index 55b6fcf..e810232 100644 --- a/start.php +++ b/start.php @@ -1,4 +1,4 @@ -onConnect = function($connection) @@ -35,16 +40,52 @@ $worker->onMessage = function($connection, $buffer) switch($connection->stage) { case STAGE_INIT: + if ($AUTH_ENABLED) + { + $methodslen = ord($buffer[1]); + $methods = array(); + for ($i = 0; $i < strlen($buffer)-3; $i++) + { + array_push($methods, ord($buffer[$i+3])); + } + if (in_array(METHOD_USER_PASS, $methods)) + { + $connection->send("\x05\x02"); + $connection->stage = STAGE_AUTH; + return; + } + echo "client does not support user/pass auth\n"; + $connection->send("\x05\xff"); + $connection->stage = STAGE_DESTROYED; + $connection->close(); + return; + } $connection->send("\x05\x00"); $connection->stage = STAGE_ADDR; return; + case STAGE_AUTH: + $userlen = ord($buffer[1]); + $user = substr($buffer, 2, $userlen); + $passlen = ord($buffer[2 + $userlen]); + $pass = substr($buffer, 3 + $userlen, $passlen); + if ($user == $USERNAME && $pass == $PASSWORD) + { + $connection->send("\x05\x00"); + $connection->stage = STAGE_ADDR; + return; + } + echo "auth failed\n"; + $connection->send("\x05\x01"); + $connection->stage = STAGE_DESTROYED; + $connection->close(); + return; case STAGE_ADDR: $cmd = ord($buffer[1]); if($cmd != CMD_CONNECT) { - echo "bad cmd $cmd\n"; - $connection->close(); - return; + echo "bad cmd $cmd\n"; + $connection->close(); + return; } $header_data = parse_socket5_header($buffer); if(!$header_data)