View Javadoc

1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License.
18   *
19   */
20  package org.apache.mina.proxy.handlers.socks;
21  
22  /**
23   * SocksProxyConstants.java - SOCKS proxy constants.
24   * 
25   * @author The Apache MINA Project (dev@mina.apache.org)
26   * @version $Rev: 714195 $, $Date: 2008-11-15 00:48:14 +0100 (Sat, 15 Nov 2008) $
27   * @since MINA 2.0.0-M3
28   */
29  public class SocksProxyConstants {
30      /**
31       * SOCKS versions field values.
32       */
33      public final static byte SOCKS_VERSION_4 = 0x04;
34  
35      public final static byte SOCKS_VERSION_5 = 0x05;
36  
37      public final static byte TERMINATOR = 0x00;
38  
39      /**
40       * The size of a server to client response in a SOCKS4/4a negotiation.
41       */
42      public final static int SOCKS_4_RESPONSE_SIZE = 8;
43      
44      /**
45       * Invalid IP used in SOCKS 4a protocol to specify that the
46       * client can't resolve the destination host's domain name.
47       */
48      public final static byte[] FAKE_IP = new byte[] { 0, 0, 0, 10 };
49  
50      /**
51       * Command codes. 
52       */
53      public final static byte ESTABLISH_TCPIP_STREAM = 0x01;
54  
55      public final static byte ESTABLISH_TCPIP_BIND = 0x02;
56  
57      public final static byte ESTABLISH_UDP_ASSOCIATE = 0x03;
58  
59      /**
60       * SOCKS v4/v4a server reply codes.
61       */
62      public final static byte V4_REPLY_REQUEST_GRANTED = 0x5a;
63  
64      public final static byte V4_REPLY_REQUEST_REJECTED_OR_FAILED = 0x5b;
65  
66      public final static byte V4_REPLY_REQUEST_FAILED_NO_IDENTD = 0x5c;
67  
68      public final static byte V4_REPLY_REQUEST_FAILED_ID_NOT_CONFIRMED = 0x5d;
69  
70      /**
71       * SOCKS v5 server reply codes.
72       */
73      public final static byte V5_REPLY_SUCCEEDED = 0x00;
74  
75      public final static byte V5_REPLY_GENERAL_FAILURE = 0x01;
76  
77      public final static byte V5_REPLY_NOT_ALLOWED = 0x02;
78  
79      public final static byte V5_REPLY_NETWORK_UNREACHABLE = 0x03;
80  
81      public final static byte V5_REPLY_HOST_UNREACHABLE = 0x04;
82  
83      public final static byte V5_REPLY_CONNECTION_REFUSED = 0x05;
84  
85      public final static byte V5_REPLY_TTL_EXPIRED = 0x06;
86  
87      public final static byte V5_REPLY_COMMAND_NOT_SUPPORTED = 0x07;
88  
89      public final static byte V5_REPLY_ADDRESS_TYPE_NOT_SUPPORTED = 0x08;
90  
91      /**
92       * SOCKS v5 address types.
93       */
94      public final static byte IPV4_ADDRESS_TYPE = 0x01;
95  
96      public final static byte DOMAIN_NAME_ADDRESS_TYPE = 0x03;
97  
98      public final static byte IPV6_ADDRESS_TYPE = 0x04;
99  
100     /**
101      * SOCKS v5 handshake steps.
102      */
103     public final static int SOCKS5_GREETING_STEP = 0;
104 
105     public final static int SOCKS5_AUTH_STEP = 1;
106 
107     public final static int SOCKS5_REQUEST_STEP = 2;
108 
109     /**
110      * SOCKS v5 authentication methods.
111      */
112     public final static byte NO_AUTH = 0x00;
113 
114     public final static byte GSSAPI_AUTH = 0x01;
115 
116     public final static byte BASIC_AUTH = 0x02;
117 
118     public final static byte NO_ACCEPTABLE_AUTH_METHOD = (byte) 0xFF;
119 
120     public final static byte[] SUPPORTED_AUTH_METHODS = new byte[] { NO_AUTH,
121             GSSAPI_AUTH, BASIC_AUTH };
122 
123     public final static byte BASIC_AUTH_SUBNEGOTIATION_VERSION = 0x01;
124 
125     public final static byte GSSAPI_AUTH_SUBNEGOTIATION_VERSION = 0x01;
126 
127     public final static byte GSSAPI_MSG_TYPE = 0x01;
128 
129     /**
130      * Kerberos providers OID's.
131      */ 
132     public final static String KERBEROS_V5_OID = "1.2.840.113554.1.2.2";
133 
134     public final static String MS_KERBEROS_V5_OID = "1.2.840.48018.1.2.2";
135 
136     /**
137      * Microsoft NTLM security support provider.
138      */ 
139     public final static String NTLMSSP_OID = "1.3.6.1.4.1.311.2.2.10";
140 
141     /**
142      * Return the string associated with the specified reply code.
143      * 
144      * @param code the reply code
145      * @return the reply string
146      */
147     public final static String getReplyCodeAsString(byte code) {
148         switch (code) {
149         // v4 & v4a codes
150         case V4_REPLY_REQUEST_GRANTED:
151             return "Request granted";
152         case V4_REPLY_REQUEST_REJECTED_OR_FAILED:
153             return "Request rejected or failed";
154         case V4_REPLY_REQUEST_FAILED_NO_IDENTD:
155             return "Request failed because client is not running identd (or not reachable from the server)";
156         case V4_REPLY_REQUEST_FAILED_ID_NOT_CONFIRMED:
157             return "Request failed because client's identd could not confirm the user ID string in the request";
158 
159         // v5 codes
160         case V5_REPLY_SUCCEEDED:
161             return "Request succeeded";
162         case V5_REPLY_GENERAL_FAILURE:
163             return "Request failed: general SOCKS server failure";
164         case V5_REPLY_NOT_ALLOWED:
165             return "Request failed: connection not allowed by ruleset";
166         case V5_REPLY_NETWORK_UNREACHABLE:
167             return "Request failed: network unreachable";
168         case V5_REPLY_HOST_UNREACHABLE:
169             return "Request failed: host unreachable";
170         case V5_REPLY_CONNECTION_REFUSED:
171             return "Request failed: connection refused";
172         case V5_REPLY_TTL_EXPIRED:
173             return "Request failed: TTL expired";
174         case V5_REPLY_COMMAND_NOT_SUPPORTED:
175             return "Request failed: command not supported";
176         case V5_REPLY_ADDRESS_TYPE_NOT_SUPPORTED:
177             return "Request failed: address type not supported";
178 
179         default:
180             return "Unknown reply code";
181         }
182     }
183 }