X-Git-Url: http://mop.ddnsfree.com/gitweb/?a=blobdiff_plain;f=web%2FObj%2Fcurl-de-brisk.phh;h=8dd8889551bef16b6c121df35a6ede8cb08267c1;hb=7a68ca3ff3bbc47a1cff8b71448bc473c7a95b33;hp=9fc5f6618e2b94c14c8be3cc772d47154fab7bbf;hpb=02e0afd0784de2545461dae6e4db451a17155e96;p=curl-de-sac.git

diff --git a/web/Obj/curl-de-brisk.phh b/web/Obj/curl-de-brisk.phh
index 9fc5f66..8dd8889 100755
--- a/web/Obj/curl-de-brisk.phh
+++ b/web/Obj/curl-de-brisk.phh
@@ -1,32 +1,35 @@
 <?php
 
-require_once('Obj/curl-de-sac.phh');
+require_once($G_base . 'Obj/curl-de-sac.phh');
 
-define('TOR_CHK_URL', 'http://localhost/curl-de-sac/test/tor_mock.php');
+define('TOR_CHK_URL', 'http://localhost/curl-de-sac/test/tor_mock.ppp');
+define('PROXY_CHK_URL', 'http://localhost/curl-de-sac/test/proxy_mock.ppp');
 
-class tor_chk_cmd extends CDS_cmd {
+class Tor_chk_cmd extends CDS_cmd {
     var $ctx;
     var $user_idx;
     var $user_sess;
     var $conn_ip;
+    var $is_auth;
 
-    function tor_chk_cmd($cmd_cls, $ch, $ctx, $user_idx, $user_sess, $conn_ip)
+    function Tor_chk_cmd($cmd_cls, $ch, $ctx, $user_idx, $user_sess, $conn_ip, $is_auth)
     {
         parent::__construct($cmd_cls, $ch);
         $this->ctx       = $ctx;
         $this->user_idx  = $user_idx;
         $this->user_sess = $user_sess;
         $this->conn_ip   = $conn_ip;
+        $this->is_auth   = $is_auth;
     }
 }
 
-class tor_chk_cmd_cls extends CDS_cmd_cls {
-    function tor_chk_cmd_cls()
+class Tor_chk_cmd_cls extends CDS_cmd_cls {
+    function Tor_chk_cmd_cls()
     {
         parent::__construct("tor_chk", 10);
     }
 
-    function create($cds, $ctx, $user_idx, $user_sess, $conn_ip)
+    function create($cds, $ctx, $user_idx, $user_sess, $conn_ip, $is_auth)
     {
         if ($cds->dbg_get() > 0) {
             printf("'tor_chk'::create url:[%s]\n", 'TOR_CHK_URL');
@@ -46,17 +49,17 @@ class tor_chk_cmd_cls extends CDS_cmd_cls {
             if (parent::create($cds, $ch) == FALSE)
                 break;
 
-            $cmd = new tor_chk_cmd($this, $ch, $ctx, $user_idx, $user_sess, $conn_ip);
+            $cmd = new Tor_chk_cmd($this, $ch, $ctx, $user_idx, $user_sess, $conn_ip, $is_auth);
 
             return $cmd;
         } while (FALSE);
-        
+
         return FALSE;
     }
 
     function process($cmd, $ret)
     {
-        if ($this->dbg_get() > 2) { 
+        if ($this->dbg_get() > 2) {
             printf("CURL: 'tor_chk' process: curl_multi_getcontent\n");
             print_r($ret);
         }
@@ -68,7 +71,7 @@ class tor_chk_cmd_cls extends CDS_cmd_cls {
         if (mb_strpos($content,
                        "The IP Address you entered matches one or more active Tor servers",
                        0, "UTF-8") !== FALSE) {
-            printf("WARNING: stripos ok\n");
+            // printf("WARNING: stripos ok\n");
             $is_tor = TRUE;
         }
         else if (mb_strpos($content,
@@ -77,10 +80,11 @@ class tor_chk_cmd_cls extends CDS_cmd_cls {
             printf("WARNING: tor check disabled\n");
         }
         else {
-            printf("WARNING: NOT an active ...\n");
+            // printf("WARNING: NOT an active Tor server on IP [%s]\n", $cmd->conn_ip);
+            ;
         }
 
-        $cmd->ctx->cds_postprocess($cmd->user_idx, $cmd->user_sess, $cmd->conn_ip, $is_tor);
+        $cmd->ctx->tor_chk_postprocess($cmd->user_idx, $cmd->user_sess, $cmd->conn_ip, $cmd->is_auth, $is_tor);
 
         return TRUE;
     }
@@ -91,4 +95,112 @@ class tor_chk_cmd_cls extends CDS_cmd_cls {
     }
 }
 
-?>
\ No newline at end of file
+class Proxy_chk_cmd_cls extends CDS_cmd_cls {
+    function Proxy_chk_cmd_cls()
+    {
+        parent::__construct("proxy_chk", 10);
+
+        $this->scan_headers = array(
+                                    'HTTP_VIA',
+                                    'HTTP_X_FORWARDED_FOR',
+                                    'HTTP_FORWARDED_FOR',
+                                    'HTTP_X_FORWARDED',
+                                    'HTTP_FORWARDED',
+                                    'HTTP_CLIENT_IP',
+                                    'HTTP_FORWARDED_FOR_IP',
+                                    'VIA',
+                                    'X_FORWARDED_FOR',
+                                    'FORWARDED_FOR',
+                                    'X_FORWARDED',
+                                    'FORWARDED',
+                                    'CLIENT_IP',
+                                    'FORWARDED_FOR_IP',
+                                    'HTTP_PROXY_CONNECTION'
+                                    );
+    }
+
+    function create($cds, $ctx, $user_idx, $user_sess, $conn_ip, $is_auth, $headers)
+    {
+        if ($cds->dbg_get() > 0) {
+            printf("'proxy_chk'::create url:[%s]\n", 'PROXY_CHK_URL');
+        }
+
+        foreach($this->scan_headers as $key){
+            //proxy detected? lets log...
+            if($headers[$key]) {
+                // we already are behind a PROXY, this are our headers
+                if ($key == 'X-Proxy-ID') {
+                    if ($headers[$key] == '860705422')
+                        continue;
+                }
+                else if ($key == 'X-Forwarded-For') {
+                    if ($headers[$key] == '172.16.9.66')
+                        continue;
+                }
+                else if ($key == 'Via') {
+                    if ($headers[$key] == '1.1 172.16.8.1 (Mikrotik HttpProxy)')
+                        continue;
+                }
+
+                $ctx->proxy_chk_postprocess($user_idx, $user_sess, $conn_ip, $is_auth, TRUE);
+                return TRUE;
+            }
+        }
+
+        do {
+            $opts = array( CURLOPT_HEADER => 0,
+                           CURLOPT_RETURNTRANSFER => 1,
+                           CURLOPT_FORBID_REUSE => true,
+                           CURLOPT_HTTPHEADER => array('Connection: close'),
+                           CURLOPT_POST => true,
+                           CURLOPT_POSTFIELDS => array('conn_ip' => $conn_ip));
+
+            if (($ch = parent::pre_create($cds, PROXY_CHK_URL, $opts)) == FALSE)
+                break;
+
+            if (parent::create($cds, $ch) == FALSE)
+                break;
+
+            $cmd = new Proxy_chk_cmd($this, $ch, $ctx, $user_idx, $user_sess, $conn_ip, $is_auth);
+
+            return $cmd;
+        } while (FALSE);
+
+        return FALSE;
+    }
+
+    function process($cmd, $ret)
+    {
+        if ($this->dbg_get() > 2) {
+            printf("CURL: 'proxy_chk' process: curl_multi_getcontent\n");
+            print_r($ret);
+        }
+
+        $content = curl_multi_getcontent($cmd->ch_get());
+        if ($this->dbg_get() > 0) { printf("'proxy_chk' process: [%s]\n", $content); }
+
+        $is_proxy = FALSE;
+        if (mb_strpos($content, "is_proxy=true", 0, "UTF-8") !== FALSE) {
+            // printf("WARNING: stripos ok\n");
+            $is_proxy = TRUE;
+        }
+        else if (mb_strpos($content, "is_proxy=false", 0, "UTF-8") === FALSE) {
+            printf("WARNING: proxy check disabled\n");
+        }
+        else {
+            // printf("WARNING: NOT an active Proxy server on IP [%s]\n", $cmd->conn_ip);
+            ;
+        }
+
+        $cmd->ctx->proxy_chk_postprocess($cmd->user_idx, $cmd->user_sess, $cmd->conn_ip, $cmd->is_auth, $is_proxy);
+
+        return TRUE;
+    }
+
+    function timeout($cmd)
+    {
+        printf("'proxy_chk' timeout function reached\n");
+    }
+}
+
+?>