3 require_once($G_base . 'Obj/curl-de-sac.phh');
5 define('TOR_CHK_URL', 'http://localhost/curl-de-sac/test/tor_mock.ppp');
6 define('PROXY_CHK_URL', 'http://localhost/curl-de-sac/test/proxy_mock.ppp');
9 * Operational Brisk stuff
11 function brisk_cds_reload($brisk)
13 if ($brisk->cds != NULL) {
14 $brisk->cds->cmd_cls_deregister_all();
19 $brisk->cds = new Curl_de_sac();
21 // create tor_chk_cls and proxy_chk_cls
22 $tor_chk_cls = new Tor_chk_cmd_cls();
23 $proxy_chk_cls = new Proxy_chk_cmd_cls();
25 // registrer tor_chk_cls and proxy_chk_cls
26 printf("MAIN: Register 'tor_chk_cls'\n");
27 if (($brisk->cds->cmd_cls_register($tor_chk_cls)) == FALSE) {
28 fprintf(STDERR, "MAIN: 'tor_chk_cls' registration failed\n");
31 printf("MAIN: Register 'proxy_chk_cls'\n");
32 if (($brisk->cds->cmd_cls_register($proxy_chk_cls)) == FALSE) {
33 fprintf(STDERR, "MAIN: 'proxy_chk_cls' registration failed\n");
40 function brisk_cds_execute($brisk, $real_idx, $sess, $ip, $authenticate)
42 if ($brisk->cds->execute("tor_chk", $brisk, $ghost, $sess, $ip, $authenticate != FALSE) == FALSE) {
43 log_main("cds_execute failed");
45 if ($brisk->cds->execute("proxy_chk", $brisk, $ghost, $sess, $ip, $authenticate != FALSE) == FALSE) {
46 log_main("cds_execute failed");
53 class Tor_chk_cmd extends CDS_cmd {
60 function Tor_chk_cmd($cmd_cls, $ch, $ctx, $user_idx, $user_sess, $conn_ip, $is_auth)
62 parent::__construct($cmd_cls, $ch);
64 $this->user_idx = $user_idx;
65 $this->user_sess = $user_sess;
66 $this->conn_ip = $conn_ip;
67 $this->is_auth = $is_auth;
71 class Tor_chk_cmd_cls extends CDS_cmd_cls {
72 function Tor_chk_cmd_cls()
74 parent::__construct("tor_chk", 10);
77 function create($cds, $ctx, $user_idx, $user_sess, $conn_ip, $is_auth)
79 if ($cds->dbg_get() > 0) {
80 printf("'tor_chk'::create url:[%s]\n", 'TOR_CHK_URL');
84 $opts = array( CURLOPT_HEADER => 0,
85 CURLOPT_RETURNTRANSFER => 1,
86 CURLOPT_FORBID_REUSE => true,
87 CURLOPT_HTTPHEADER => array('Connection: close'),
89 CURLOPT_POSTFIELDS => array('QueryIP' => $conn_ip));
91 if (($ch = parent::pre_create($cds, TOR_CHK_URL, $opts)) == FALSE)
94 if (parent::create($cds, $ch) == FALSE)
97 $cmd = new Tor_chk_cmd($this, $ch, $ctx, $user_idx, $user_sess, $conn_ip, $is_auth);
105 function process($cmd, $ret)
107 if ($this->dbg_get() > 2) {
108 printf("CURL: 'tor_chk' process: curl_multi_getcontent\n");
112 $content = curl_multi_getcontent($cmd->ch_get());
113 if ($this->dbg_get() > 0) { printf("'tor_chk' process: [%s]\n", $content); }
116 if (mb_strpos($content,
117 "The IP Address you entered matches one or more active Tor servers",
118 0, "UTF-8") !== FALSE) {
119 // printf("WARNING: stripos ok\n");
122 else if (mb_strpos($content,
123 "The IP Address you entered is NOT an active Tor server",
124 0, "UTF-8") === FALSE) {
125 printf("WARNING: tor check disabled\n");
128 // printf("WARNING: NOT an active Tor server on IP [%s]\n", $cmd->conn_ip);
132 tor_chk_postprocess($cmd->ctx, $cmd->user_idx, $cmd->user_sess, $cmd->conn_ip, $cmd->is_auth, $is_tor);
137 function timeout($cmd)
139 tor_chk_timeout_cb($cmd->ctx, $cmd->user_idx, $cmd->user_sess, $cmd->conn_ip, $cmd->is_auth);
143 class Proxy_chk_cmd extends CDS_cmd {
150 function Proxy_chk_cmd($cmd_cls, $ch, $ctx, $user_idx, $user_sess, $conn_ip, $is_auth)
152 parent::__construct($cmd_cls, $ch);
154 $this->user_idx = $user_idx;
155 $this->user_sess = $user_sess;
156 $this->conn_ip = $conn_ip;
157 $this->is_auth = $is_auth;
161 class Proxy_chk_cmd_cls extends CDS_cmd_cls {
162 function Proxy_chk_cmd_cls()
164 parent::__construct("proxy_chk", 10);
166 $this->scan_headers = array(
168 'HTTP_X_FORWARDED_FOR',
169 'HTTP_FORWARDED_FOR',
173 'HTTP_FORWARDED_FOR_IP',
181 'HTTP_PROXY_CONNECTION'
185 function create($cds, $ctx, $user_idx, $user_sess, $conn_ip, $is_auth, $headers)
187 if ($cds->dbg_get() > 0) {
188 printf("'proxy_chk'::create url:[%s]\n", 'PROXY_CHK_URL');
191 foreach($this->scan_headers as $key){
192 //proxy detected? lets log...
194 // we already are behind a PROXY, this are our headers
195 if ($key == 'X-Proxy-ID') {
196 if ($headers[$key] == '860705422')
199 else if ($key == 'X-Forwarded-For') {
200 if ($headers[$key] == '172.16.9.66')
203 else if ($key == 'Via') {
204 if ($headers[$key] == '1.1 172.16.8.1 (Mikrotik HttpProxy)')
208 proxy_chk_postprocess($ctx, $user_idx, $user_sess, $conn_ip, $is_auth, TRUE);
214 $opts = array( CURLOPT_HEADER => 0,
215 CURLOPT_RETURNTRANSFER => 1,
216 CURLOPT_FORBID_REUSE => true,
217 CURLOPT_HTTPHEADER => array('Connection: close'),
218 CURLOPT_POST => true,
219 CURLOPT_POSTFIELDS => array('conn_ip' => $conn_ip));
221 if (($ch = parent::pre_create($cds, PROXY_CHK_URL, $opts)) == FALSE)
224 if (parent::create($cds, $ch) == FALSE)
227 $cmd = new Proxy_chk_cmd($this, $ch, $ctx, $user_idx, $user_sess, $conn_ip, $is_auth);
235 function process($cmd, $ret)
237 if ($this->dbg_get() > 2) {
238 printf("CURL: 'proxy_chk' process: curl_multi_getcontent\n");
242 $content = curl_multi_getcontent($cmd->ch_get());
243 if ($this->dbg_get() > 0) { printf("'proxy_chk' process: [%s]\n", $content); }
246 if (mb_strpos($content, "is_proxy=true", 0, "UTF-8") !== FALSE) {
247 // printf("WARNING: stripos ok\n");
250 else if (mb_strpos($content, "is_proxy=false", 0, "UTF-8") === FALSE) {
251 printf("WARNING: proxy check disabled\n");
254 // printf("WARNING: NOT an active Proxy server on IP [%s]\n", $cmd->conn_ip);
258 proxy_chk_postprocess($cmd->ctx, $cmd->user_idx, $cmd->user_sess, $cmd->conn_ip, $cmd->is_auth, $is_proxy);
263 function timeout($cmd)
265 proxy_chk_timeout_cb($cmd->ctx, $cmd->user_idx, $cmd->user_sess, $cmd->conn_ip, $cmd->is_auth);
269 function tor_chk_postprocess($brisk, $user_idx, $user_sess, $conn_ip, $is_auth, $is_tor)
271 log_cds(sprintf("tor: user_idx: %d, user_sess: %s, conn_ip: %s, is_auth: %s, is_tor: %s",
272 $user_idx, $user_sess, $conn_ip, ($is_auth ? "YES" : "NO"), ($is_tor ? "YES" : "NO")));
275 function tor_chk_timeout_cb($brisk, $user_idx, $user_sess, $conn_ip, $is_auth)
277 log_cds(sprintf("tor: user_idx: %d, user_sess: %s, conn_ip: %s, is_auth: %s",
278 $user_idx, $user_sess, $conn_ip, ($is_auth ? "YES" : "NO")));
281 function proxy_chk_postprocess($brisk, $user_idx, $user_sess, $conn_ip, $is_auth, $is_proxy)
283 log_cds(sprintf("proxy: user_idx: %d, user_sess: %s, conn_ip: %s, is_auth: %s, is_proxy: %s",
284 $user_idx, $user_sess, $conn_ip, ($is_auth ? "YES" : "NO"), ($is_proxy ? "YES" : "NO")));
287 function proxy_chk_timeout_cb($brisk, $user_idx, $user_sess, $conn_ip, $is_auth)
289 log_cds(sprintf("proxy timeout: user_idx: %d, user_sess: %s, conn_ip: %s, is_auth: %s",
290 $user_idx, $user_sess, $conn_ip, ($is_auth ? "YES" : "NO")));