View Javadoc
1   /*
2    *  Licensed to the Apache Software Foundation (ASF) under one
3    *  or more contributor license agreements.  See the NOTICE file
4    *  distributed with this work for additional information
5    *  regarding copyright ownership.  The ASF licenses this file
6    *  to you under the Apache License, Version 2.0 (the
7    *  "License"); you may not use this file except in compliance
8    *  with the License.  You may obtain a copy of the License at
9    *
10   *    http://www.apache.org/licenses/LICENSE-2.0
11   *
12   *  Unless required by applicable law or agreed to in writing,
13   *  software distributed under the License is distributed on an
14   *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   *  KIND, either express or implied.  See the License for the
16   *  specific language governing permissions and limitations
17   *  under the License.
18   *
19   */
20  package org.apache.mina.proxy.handlers.socks;
21  
22  /**
23   * SocksProxyConstants.java - SOCKS proxy constants.
24   * 
25   * @author <a href="http://mina.apache.org">Apache MINA Project</a>
26   * @since MINA 2.0.0-M3
27   */
28  public class SocksProxyConstants {
29      /**
30       * SOCKS versions field values.
31       */
32      /** Socks V4 */
33      public static final byte SOCKS_VERSION_4 = 0x04;
34  
35      /** Socks V5 */
36      public static final byte SOCKS_VERSION_5 = 0x05;
37  
38      /** terminator */
39      public static final byte TERMINATOR = 0x00;
40  
41      /**
42       * The size of a server to client response in a SOCKS4/4a negotiation.
43       */
44      public static final int SOCKS_4_RESPONSE_SIZE = 8;
45  
46      /**
47       * Invalid IP used in SOCKS 4a protocol to specify that the
48       * client can't resolve the destination host's domain name.
49       */
50      public static final byte[] FAKE_IP = new byte[] { 0, 0, 0, 10 };
51  
52      /**
53       * Command codes. 
54       */
55      /** TCPIP stream */
56      public static final byte ESTABLISH_TCPIP_STREAM = 0x01;
57  
58      /** TCPIP bind */
59      public static final byte ESTABLISH_TCPIP_BIND = 0x02;
60  
61      /** UDP associate */
62      public static final byte ESTABLISH_UDP_ASSOCIATE = 0x03;
63  
64      /**
65       * SOCKS v4/v4a server reply codes.
66       */
67      /** Request granted */
68      public static final byte V4_REPLY_REQUEST_GRANTED = 0x5a;
69  
70      /** Request rejected or failed */
71      public static final byte V4_REPLY_REQUEST_REJECTED_OR_FAILED = 0x5b;
72  
73      /** Request failed not identified */
74      public static final byte V4_REPLY_REQUEST_FAILED_NO_IDENTD = 0x5c;
75  
76      /** Request failed identity not confirmed */
77      public static final byte V4_REPLY_REQUEST_FAILED_ID_NOT_CONFIRMED = 0x5d;
78  
79      /**
80       * SOCKS v5 server reply codes.
81       */
82      /** Success */
83      public static final byte V5_REPLY_SUCCEEDED = 0x00;
84  
85      /** General failure */
86      public static final byte V5_REPLY_GENERAL_FAILURE = 0x01;
87  
88      /** Not allowed */
89      public static final byte V5_REPLY_NOT_ALLOWED = 0x02;
90  
91      /** Network unreachable */
92      public static final byte V5_REPLY_NETWORK_UNREACHABLE = 0x03;
93  
94      /** Host unreachable */
95      public static final byte V5_REPLY_HOST_UNREACHABLE = 0x04;
96  
97      /** Connection refused */
98      public static final byte V5_REPLY_CONNECTION_REFUSED = 0x05;
99  
100     /** TTL expired */
101     public static final byte V5_REPLY_TTL_EXPIRED = 0x06;
102 
103     /** Command not supported */
104     public static final byte V5_REPLY_COMMAND_NOT_SUPPORTED = 0x07;
105 
106     /** Address type not supported */
107     public static final byte V5_REPLY_ADDRESS_TYPE_NOT_SUPPORTED = 0x08;
108 
109     /** IPV4 address types */
110     public static final byte IPV4_ADDRESS_TYPE = 0x01;
111 
112     /** Domain name address type */
113     public static final byte DOMAIN_NAME_ADDRESS_TYPE = 0x03;
114 
115     /** IPV6 address type */
116     public static final byte IPV6_ADDRESS_TYPE = 0x04;
117 
118     /**
119      * SOCKS v5 handshake steps.
120      */
121     /** Greeting step */
122     public static final int SOCKS5_GREETING_STEP = 0;
123 
124     /** Authentication step */
125     public static final int SOCKS5_AUTH_STEP = 1;
126 
127     /** Request step */
128     public static final int SOCKS5_REQUEST_STEP = 2;
129 
130     /**
131      * SOCKS v5 authentication methods.
132      */
133     /** No authentication */
134     public static final byte NO_AUTH = 0x00;
135 
136     /** GSSAPI authentication */
137     public static final byte GSSAPI_AUTH = 0x01;
138 
139     /** Basic authentication */
140     public static final byte BASIC_AUTH = 0x02;
141 
142     /** Non acceptable method authentication */
143     public static final byte NO_ACCEPTABLE_AUTH_METHOD = (byte) 0xFF;
144 
145     /** Supported authentication methods */
146     public static final byte[] SUPPORTED_AUTH_METHODS = new byte[] { NO_AUTH, GSSAPI_AUTH, BASIC_AUTH };
147 
148     /** Basic authentication subnegociation version */
149     public static final byte BASIC_AUTH_SUBNEGOTIATION_VERSION = 0x01;
150 
151     /** GSSAPI authentication subnegociation version */
152     public static final byte GSSAPI_AUTH_SUBNEGOTIATION_VERSION = 0x01;
153 
154     /** GSSAPI message type */
155     public static final byte GSSAPI_MSG_TYPE = 0x01;
156 
157     /**
158      * Kerberos providers OID's.
159      */
160     /** Kerberos V5 OID */
161     public static final String KERBEROS_V5_OID = "1.2.840.113554.1.2.2";
162 
163     /** Microsoft Kerberos V5 OID */
164     public static final String MS_KERBEROS_V5_OID = "1.2.840.48018.1.2.2";
165 
166     /**
167      * Microsoft NTLM security support provider.
168      */
169     public static final String NTLMSSP_OID = "1.3.6.1.4.1.311.2.2.10";
170 
171     private SocksProxyConstants() {
172     }
173     
174     /**
175      * Return the string associated with the specified reply code.
176      * 
177      * @param code the reply code
178      * @return the reply string
179      */
180     public static final String getReplyCodeAsString(byte code) {
181         switch (code) {
182         // v4 & v4a codes
183         case V4_REPLY_REQUEST_GRANTED:
184             return "Request granted";
185         case V4_REPLY_REQUEST_REJECTED_OR_FAILED:
186             return "Request rejected or failed";
187         case V4_REPLY_REQUEST_FAILED_NO_IDENTD:
188             return "Request failed because client is not running identd (or not reachable from the server)";
189         case V4_REPLY_REQUEST_FAILED_ID_NOT_CONFIRMED:
190             return "Request failed because client's identd could not confirm the user ID string in the request";
191 
192             // v5 codes
193         case V5_REPLY_SUCCEEDED:
194             return "Request succeeded";
195         case V5_REPLY_GENERAL_FAILURE:
196             return "Request failed: general SOCKS server failure";
197         case V5_REPLY_NOT_ALLOWED:
198             return "Request failed: connection not allowed by ruleset";
199         case V5_REPLY_NETWORK_UNREACHABLE:
200             return "Request failed: network unreachable";
201         case V5_REPLY_HOST_UNREACHABLE:
202             return "Request failed: host unreachable";
203         case V5_REPLY_CONNECTION_REFUSED:
204             return "Request failed: connection refused";
205         case V5_REPLY_TTL_EXPIRED:
206             return "Request failed: TTL expired";
207         case V5_REPLY_COMMAND_NOT_SUPPORTED:
208             return "Request failed: command not supported";
209         case V5_REPLY_ADDRESS_TYPE_NOT_SUPPORTED:
210             return "Request failed: address type not supported";
211 
212         default:
213             return "Unknown reply code";
214         }
215     }
216 }