public IpAddresses ExtractDns()
{
IpAddresses result = new IpAddresses();
List <Directive> directives = GetDirectiveList("dhcp-option");
if (directives != null)
{
foreach (Directive d in directives)
{
string[] fields = d.Text.Split(' ');
if (fields.Length != 2)
{
continue;
}
if (fields[0] == "DNS")
{
result.Add(fields[1]);
}
if (fields[0] == "DNS6")
{
result.Add(fields[1]);
}
}
}
return(result);
}
public IpAddresses Clone()
{
IpAddresses n = new IpAddresses();
foreach (IpAddress ip in IPs)
{
n.Add(ip.Clone());
}
return(n);
}
public IpAddresses ExtractGateway()
{
IpAddresses result = new IpAddresses();
if (ExistsDirective("route-gateway"))
{
string ip = GetOneDirectiveText("route-gateway");
result.Add(ip);
}
if (ExistsDirective("ifconfig-ipv6"))
{
string[] fields = GetOneDirectiveText("ifconfig-ipv6").Split(' ');
if (fields.Length == 2)
{
result.Add(fields[1]);
}
}
return(result);
}
public virtual IpAddresses ResolveDNS(string host)
{
IpAddresses result = new IpAddresses();
try
{
IPHostEntry entry = Dns.GetHostEntry(host);
foreach (IPAddress ip in entry.AddressList)
{
result.Add(ip.ToString());
}
}
catch (Exception)
{
}
return(result);
}
public IpAddresses GetIpsWhiteListIncoming()
{
IpAddresses result = new IpAddresses();
// Whitelist
{
string list = Engine.Instance.Storage.Get("netlock.whitelist.incoming.ips");
list = list.Replace("\u2028", ","); // macOS Hack // TOCLEAN
List <string> hosts = list.StringToList();
foreach (string host in hosts)
{
string host2 = host;
int posComment = host2.IndexOf("#");
if (posComment != -1)
{
host2 = host2.Substring(0, posComment).Trim();
}
result.Add(host2);
}
}
return(result);
}
public virtual IpAddresses ResolveDNS(string host)
{
IpAddresses result = new IpAddresses();
try
{
IPHostEntry entry = Dns.GetHostEntry(host);
foreach (IPAddress ip in entry.AddressList)
{
result.Add(ip.ToString());
}
}
catch (Exception)
{
/*
* Fallback to nslookup.exe
* 2.14: Occur some cases (for example Check DNS on IPv6 server without IPv6 DNS (pull-ignore))
* when GetHostEntry throw "A non-recoverable error occurred during a database lookup" WSANO_RECOVERY
* but at the same time nslookup.exe give the correct answer without any error.
* 2.14: For the moment is useless this fallback, because the CheckDNS still works (probably parallel DNS)
* Search WSANO_RECOVERY in session.cs for more notes.
*/
/*
* if( (e is System.Net.Sockets.SocketException) && ((e as System.Net.Sockets.SocketException).ErrorCode == 11003)) // WSANO_RECOVERY
* {
* try
* {
* SystemShell s = new SystemShell();
* s.Path = LocateExecutable("nslookup.exe");
* s.Arguments.Add(SystemShell.EscapeHost(host));
* s.NoDebugLogTemp = true;
* s.Run();
*
* if (s.StdOut.StartsWith("DNS request timed out") == false)
* {
* int posAnswer = s.StdOut.IndexOf("\r\n\r\n");
* if (posAnswer != -1)
* {
* // Cleanup. Cannot find a better alternative: when WSANO_RECOVERY occur
* // Dns.GetHostEntry fail, also C getaddrinfo fail, only nslookup.exe works.
* string d = s.StdOut.Substring(posAnswer + host.Length);
* d = d.Replace("Name:", "");
* d = d.Replace("Aliases:", "");
* d = d.Replace("Address:", "");
* d = d.Replace("Addresses:", "");
* d = d.Replace("\t", " ");
* d = d.Replace("\r", " ");
* d = d.Replace("\n", " ");
* d = UtilsString.StringCleanSpace(d);
* foreach (string ip in d.Split(' '))
* {
* if (IpAddress.IsIP(ip))
* result.Add(ip);
* }
* }
* }
* }
* catch (Exception)
* {
*
* }
* }
*/
}
return(result);
}
public static IpAddresses GetGuardIps(bool force)
{
// This is called a lots of time.
Int64 now = Utils.UnixTimeStamp();
if ((force == false) && ((now - m_lastGuardTime < 60)))
{
return(m_lastGuardIps);
}
IpAddresses ips = new IpAddresses();
try
{
string controlHost = Engine.Instance.Storage.Get("proxy.host").ToLowerInvariant().Trim();
if ((controlHost != "127.0.0.1") && (controlHost.ToLowerInvariant() != "localhost"))
{
// Guard IPS are used to avoid routing loop, that occur only if the Tor host is the same machine when OpenVPN run.
return(ips);
}
List <string> ipsMessages = new List <string>();
using (TcpClient s = new TcpClient())
{
Connect(s);
Write(s, "getinfo circuit-status\n");
Flush(s);
string circuits = Read(s);
string[] circuitsLines = circuits.Split('\n');
foreach (string circuit in circuitsLines)
{
string id = circuit.ToLowerInvariant().RegExMatchOne("\\d+\\sbuilt\\s\\$([0-9a-f]+)");
if (id != "")
{
Write(s, "getinfo ns/id/" + id.ToUpperInvariant() + "\n");
string nodeInfo = Read(s);
string[] nodeLines = nodeInfo.Split('\n');
foreach (string line in nodeLines)
{
string ip = line.RegExMatchOne("r\\s.+?\\s.+?\\s.+?\\s.+?\\s.+?\\s(.+?)\\s");
if ((IpAddress.IsIP(ip)) && (!ips.Contains(ip)))
{
ips.Add(ip);
ipsMessages.Add(ip + " (circuit)");
}
}
}
}
Write(s, "getconf bridge\n");
Flush(s);
string bridges = Read(s);
if (bridges.IndexOf("meek") == -1) //Panic if we have meek enabled, don't yet know what to do :-(
{
string[] bridgeLines = bridges.Split('\n');
foreach (string bridge in bridgeLines)
{
List <string> matches = bridge.ToLowerInvariant().RegExMatchSingle("250.bridge=(.+?)\\s([0-9a-f\\.\\:]+?):\\d+\\s");
if ((matches != null) && (matches.Count == 2))
{
string bridgeType = matches[0];
string ip = matches[1];
if ((IpAddress.IsIP(ip)) && (!ips.Contains(ip)))
{
ips.Add(matches[1]);
ipsMessages.Add(matches[1] + " (" + bridgeType + ")");
}
}
}
}
else
{
Engine.Instance.Logs.Log(LogType.Warning, LanguageManager.GetText("TorControlMeekUnsupported"));
}
if (ips.Count == 0)
{
Engine.Instance.Logs.Log(LogType.Warning, LanguageManager.GetText("TorControlNoIps"));
//throw new Exception(Messages.TorControlNoIps);
}
else
{
string list = String.Join("; ", ipsMessages.ToArray());
Engine.Instance.Logs.Log(LogType.Verbose, LanguageManager.GetText("TorControlGuardIps", list));
}
}
}
catch (Exception e)
{
//throw new Exception(LanguageManager.GetText("TorControlException, e.Message));
Engine.Instance.Logs.Log(LogType.Warning, LanguageManager.GetText("TorControlException", e.Message));
}
m_lastGuardIps = ips;
m_lastGuardTime = now;
return(ips);
}
public IpAddresses GetAllIps(bool includeIpUsedByClient)
{
IpAddresses result = new IpAddresses();
// Custom
{
string list = Engine.Instance.Storage.Get("netlock.allowed_ips");
list = list.Replace("\u2028", ","); // OS X Hack // TOCLEAN
List <string> hosts = Utils.StringToList(list);
foreach (string host in hosts)
{
string host2 = host;
int posComment = host2.IndexOf("#");
if (posComment != -1)
{
host2 = host2.Substring(0, posComment).Trim();
}
result.Add(host2);
}
}
// Routes Out
{
string routes = Engine.Instance.Storage.Get("routes.custom");
string[] routes2 = routes.Split(';');
foreach (string route in routes2)
{
string[] routeEntries = route.Split(',');
if (routeEntries.Length < 2)
{
continue;
}
string host = routeEntries[0];
string action = routeEntries[1];
if (action == "out")
{
result.Add(host);
}
}
}
// DNS
if (Engine.Instance.Storage.GetBool("netlock.allow_dns"))
{
result.Add(Platform.Instance.DetectDNS());
}
if (includeIpUsedByClient)
{
// Providers
foreach (Provider provider in Engine.Instance.ProvidersManager.Providers)
{
result.Add(provider.GetNetworkLockAllowedIps());
}
// Servers
lock (Engine.Instance.Connections)
{
Dictionary <string, ConnectionInfo> servers = new Dictionary <string, ConnectionInfo>(Engine.Instance.Connections);
foreach (ConnectionInfo infoServer in servers.Values)
{
result.Add(infoServer.IpsEntry);
}
}
}
return(result);
}
public static IpAddresses GetGuardIps()
{
IpAddresses ips = new IpAddresses();
try
{
string controlHost = Engine.Instance.Storage.Get("proxy.host").ToLowerInvariant().Trim();
if ((controlHost != "127.0.0.1") && (controlHost.ToLowerInvariant() != "localhost"))
{
// Guard IPS are used to avoid routing loop, that occur only if the Tor host is the same machine when OpenVPN run.
return(ips);
}
TcpClient s = Connect();
Write(s, "getinfo circuit-status\n");
Flush(s);
string circuits = Read(s);
string[] circuitsLines = circuits.Split('\n');
foreach (string circuit in circuitsLines)
{
string[] circuitItems = circuit.Split(' ');
if (circuitItems.Length < 3)
{
continue;
}
if (circuitItems[1] != "BUILT")
{
continue;
}
string id = circuitItems[2];
id = id.Substring(1, id.IndexOf('~') - 1);
Write(s, "getinfo ns/id/" + id + "\n");
string nodeInfo = Read(s);
string[] nodeLines = nodeInfo.Split('\n');
foreach (string line in nodeLines)
{
string[] lineItems = line.Split(' ');
if (lineItems.Length < 7)
{
continue;
}
if (lineItems[0] != "r")
{
continue;
}
string ip = lineItems[6];
if (ips.Contains(ip) == false)
{
Engine.Instance.Logs.Log(LogType.Verbose, MessagesFormatter.Format(Messages.TorControlGuardIp, ip, id));
ips.Add(ip);
}
}
}
s.Close();
if (ips.Count == 0)
{
Engine.Instance.Logs.Log(LogType.Warning, Messages.TorControlNoIps);
//throw new Exception(Messages.TorControlNoIps);
}
}
catch (Exception e)
{
//throw new Exception(MessagesFormatter.Format(Messages.TorControlException, e.Message));
Engine.Instance.Logs.Log(LogType.Warning, MessagesFormatter.Format(Messages.TorControlException, e.Message));
}
return(ips);
}