Request for testing: proxy support

[Henri Doreau <henri.doreau () gmail com>]

Hello,

I've been working on adding proxy support to nsock. The concept, which
has been described on this list already, is fairly simple. TCP
connection requests are transparently hooked and redirected through a
chain of proxies.

Each proxy type provides, among other things, an event handler to the
library. The handler of a node in the proxy chain is called repeatedly,
until connection is fully established with the next node. Nsock iterates
that way over the entire chain until it reaches the target. At this
point, the connect event is finally delivered to the caller. The current
state of the connection is stored in the IOD. This means that the
proposed implementation has no parallelism issue.

For now, HTTP CONNECT and SOCKS4 are supported. Name resolution isn't
implemented. Also, ultrascan doesn't benefit (or suffer? :) proxy
support as it doesn't use nsock. That would be something to implement.


A chain is expressed as a comma-separated list of URLs.
e.g.: "http://localhost:8080,socks4://someproxy.example.com";.

Such a chain can be passed to nmap via --proxies <chain>. The chain is
parsed once and reused everytime a nsock pool is instanciated by nmap.

Authentication is not supported. As agreed before[1], I aim to first validate
the core layers. refguide is also not updated yet, though I have no excuse
for that. :)

You can get the code at:
  https://svn.nmap.org/nmap-exp/henri/nmap-proxies

This branch is being developed and tested under linux and freebsd, I'm not
100% sure how it'd behave on other platforms.

I'd really like to see this tested and get feedback about it.


Regards

[1] http://seclists.org/nmap-dev/2012/q4/526

--
Henri
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/