1
# -*- coding: binary -*-
2

3
require 'rex/socket'
4

5
require 'rex/text'
6
require 'digest'
7

8
module Rex
9
  module Proto
10
    module Http
11
      ###
12
      #
13
      # Acts as a client to an HTTP server, sending requests and receiving responses.
14
      #
15
      # See the RFC: http://www.w3.org/Protocols/rfc2616/rfc2616.html
16
      #
17
      ###
18
      class Client
19

20
        #
21
        # Creates a new client instance
22
        #
23
        # @param [Rex::Proto::Http::HttpSubscriber] subscriber A subscriber to Http requests/responses
24
        def initialize(host, port = 80, context = {}, ssl = nil, ssl_version = nil, proxies = nil, username = '', password = '', kerberos_authenticator: nil, comm: nil, subscriber: nil, sslkeylogfile: nil)
25
          self.hostname = host
26
          self.port = port.to_i
27
          self.context = context
28
          self.ssl = ssl
29
          self.ssl_version = ssl_version
30
          self.proxies = proxies
31
          self.username = username
32
          self.password = password
33
          self.kerberos_authenticator = kerberos_authenticator
34
          self.comm = comm
35
          self.subscriber = subscriber || HttpSubscriber.new
36
          self.sslkeylogfile = sslkeylogfile
37

38
          # Take ClientRequest's defaults, but override with our own
39
          self.config = Http::ClientRequest::DefaultConfig.merge({
40
            'read_max_data' => (1024 * 1024 * 1),
41
            'vhost' => hostname,
42
            'ssl_server_name_indication' => hostname
43
          })
44
          config['agent'] ||= Rex::UserAgent.session_agent
45

46
          # XXX: This info should all be controlled by ClientRequest
47
          self.config_types = {
48
            'uri_encode_mode' => ['hex-normal', 'hex-all', 'hex-random', 'hex-noslashes', 'u-normal', 'u-random', 'u-all'],
49
            'uri_encode_count' => 'integer',
50
            'uri_full_url' => 'bool',
51
            'pad_method_uri_count' => 'integer',
52
            'pad_uri_version_count' => 'integer',
53
            'pad_method_uri_type' => ['space', 'tab', 'apache'],
54
            'pad_uri_version_type' => ['space', 'tab', 'apache'],
55
            'method_random_valid' => 'bool',
56
            'method_random_invalid' => 'bool',
57
            'method_random_case' => 'bool',
58
            'version_random_valid' => 'bool',
59
            'version_random_invalid' => 'bool',
60
            'uri_dir_self_reference' => 'bool',
61
            'uri_dir_fake_relative' => 'bool',
62
            'uri_use_backslashes' => 'bool',
63
            'pad_fake_headers' => 'bool',
64
            'pad_fake_headers_count' => 'integer',
65
            'pad_get_params' => 'bool',
66
            'pad_get_params_count' => 'integer',
67
            'pad_post_params' => 'bool',
68
            'pad_post_params_count' => 'integer',
69
            'shuffle_get_params' => 'bool',
70
            'shuffle_post_params' => 'bool',
71
            'uri_fake_end' => 'bool',
72
            'uri_fake_params_start' => 'bool',
73
            'header_folding' => 'bool',
74
            'chunked_size' => 'integer',
75
            'partial' => 'bool'
76
          }
77
        end
78

79
        #
80
        # Set configuration options
81
        #
82
        def set_config(opts = {})
83
          opts.each_pair do |var, val|
84
            # Default type is string
85
            typ = config_types[var] || 'string'
86

87
            # These are enum types
88
            if typ.is_a?(Array) && !typ.include?(val)
89
              raise "The specified value for #{var} is not one of the valid choices"
90
            end
91

92
            # The caller should have converted these to proper ruby types, but
93
            # take care of the case where they didn't before setting the
94
            # config.
95

96
            if (typ == 'bool')
97
              val = val == true || val.to_s =~ /^(t|y|1)/i
98
            end
99

100
            if (typ == 'integer')
101
              val = val.to_i
102
            end
103

104
            config[var] = val
105
          end
106
        end
107

108
        #
109
        # Create an arbitrary HTTP request
110
        #
111
        # @param opts [Hash]
112
        # @option opts 'agent'         [String] User-Agent header value
113
        # @option opts 'connection'    [String] Connection header value
114
        # @option opts 'cookie'        [String] Cookie header value
115
        # @option opts 'data'          [String] HTTP data (only useful with some methods, see rfc2616)
116
        # @option opts 'encode'        [Bool]   URI encode the supplied URI, default: false
117
        # @option opts 'headers'       [Hash]   HTTP headers, e.g. <code>{ "X-MyHeader" => "value" }</code>
118
        # @option opts 'method'        [String] HTTP method to use in the request, not limited to standard methods defined by rfc2616, default: GET
119
        # @option opts 'proto'         [String] protocol, default: HTTP
120
        # @option opts 'query'         [String] raw query string
121
        # @option opts 'raw_headers'   [String] Raw HTTP headers
122
        # @option opts 'uri'           [String] the URI to request
123
        # @option opts 'version'       [String] version of the protocol, default: 1.1
124
        # @option opts 'vhost'         [String] Host header value
125
        #
126
        # @return [ClientRequest]
127
        def request_raw(opts = {})
128
          opts = config.merge(opts)
129

130
          opts['cgi'] = false
131
          opts['port'] = port
132
          opts['ssl'] = ssl
133

134
          ClientRequest.new(opts)
135
        end
136

137
        #
138
        # Create a CGI compatible request
139
        #
140
        # @param (see #request_raw)
141
        # @option opts (see #request_raw)
142
        # @option opts 'ctype'         [String] Content-Type header value, default for POST requests: +application/x-www-form-urlencoded+
143
        # @option opts 'encode_params' [Bool]   URI encode the GET or POST variables (names and values), default: true
144
        # @option opts 'vars_get'      [Hash]   GET variables as a hash to be translated into a query string
145
        # @option opts 'vars_post'     [Hash]   POST variables as a hash to be translated into POST data
146
        # @option opts 'vars_form_data'     [Hash]   POST form_data variables as a hash to be translated into multi-part POST form data
147
        #
148
        # @return [ClientRequest]
149
        def request_cgi(opts = {})
150
          opts = config.merge(opts)
151

152
          opts['cgi'] = true
153
          opts['port'] = port
154
          opts['ssl'] = ssl
155

156
          ClientRequest.new(opts)
157
        end
158

159
        #
160
        # Connects to the remote server if possible.
161
        #
162
        # @param t [Integer] Timeout
163
        # @see Rex::Socket::Tcp.create
164
        # @return [Rex::Socket::Tcp]
165
        def connect(t = -1)
166
          # If we already have a connection and we aren't pipelining, close it.
167
          if conn
168
            if !pipelining?
169
              close
170
            else
171
              return conn
172
            end
173
          end
174

175
          timeout = (t.nil? or t == -1) ? 0 : t
176

177
          self.conn = Rex::Socket::Tcp.create(
178
            'PeerHost' => hostname,
179
            'PeerHostname' => config['ssl_server_name_indication'] || config['vhost'],
180
            'PeerPort' => port.to_i,
181
            'LocalHost' => local_host,
182
            'LocalPort' => local_port,
183
            'Context' => context,
184
            'SSL' => ssl,
185
            'SSLVersion' => ssl_version,
186
            'SSLKeyLogFile' => sslkeylogfile,
187
            'Proxies' => proxies,
188
            'Timeout' => timeout,
189
            'Comm' => comm
190
          )
191
        end
192

193
        #
194
        # Closes the connection to the remote server.
195
        #
196
        def close
197
          if conn && !conn.closed?
198
            conn.shutdown
199
            conn.close
200
          end
201

202
          self.conn = nil
203
          self.ntlm_client = nil
204
        end
205

206
        #
207
        # Sends a request and gets a response back
208
        #
209
        # If the request is a 401, and we have creds, it will attempt to complete
210
        # authentication and return the final response
211
        #
212
        # @return (see #_send_recv)
213
        def send_recv(req, t = -1, persist = false)
214
          res = _send_recv(req, t, persist)
215
          if res and res.code == 401 and res.headers['WWW-Authenticate']
216
            res = send_auth(res, req.opts, t, persist)
217
          end
218
          res
219
        end
220

221
        #
222
        # Transmit an HTTP request and receive the response
223
        #
224
        # If persist is set, then the request will attempt to reuse an existing
225
        # connection.
226
        #
227
        # Call this directly instead of {#send_recv} if you don't want automatic
228
        # authentication handling.
229
        #
230
        # @return (see #read_response)
231
        def _send_recv(req, t = -1, persist = false)
232
          @pipeline = persist
233
          subscriber.on_request(req)
234
          if req.respond_to?(:opts) && req.opts['ntlm_transform_request'] && ntlm_client
235
            req = req.opts['ntlm_transform_request'].call(ntlm_client, req)
236
          elsif req.respond_to?(:opts) && req.opts['krb_transform_request'] && krb_encryptor
237
            req = req.opts['krb_transform_request'].call(krb_encryptor, req)
238
          end
239

240
          send_request(req, t)
241

242
          res = read_response(t, original_request: req)
243
          if req.respond_to?(:opts) && req.opts['ntlm_transform_response'] && ntlm_client
244
            req.opts['ntlm_transform_response'].call(ntlm_client, res)
245
          elsif req.respond_to?(:opts) && req.opts['krb_transform_response'] && krb_encryptor
246
            req = req.opts['krb_transform_response'].call(krb_encryptor, res)
247
          end
248
          res.request = req.to_s if res
249
          res.peerinfo = peerinfo if res
250
          subscriber.on_response(res)
251
          res
252
        end
253

254
        #
255
        # Send an HTTP request to the server
256
        #
257
        # @param req [Request,ClientRequest,#to_s] The request to send
258
        # @param t (see #connect)
259
        #
260
        # @return [void]
261
        def send_request(req, t = -1)
262
          connect(t)
263
          conn.put(req.to_s)
264
        end
265

266
        # Resends an HTTP Request with the proper authentication headers
267
        # set. If we do not support the authentication type the server requires
268
        # we return the original response object
269
        #
270
        # @param res [Response] the HTTP Response object
271
        # @param opts [Hash] the options used to generate the original HTTP request
272
        # @param t [Integer] the timeout for the request in seconds
273
        # @param persist [Boolean] whether or not to persist the TCP connection (pipelining)
274
        #
275
        # @return [Response] the last valid HTTP response object we received
276
        def send_auth(res, opts, t, persist)
277
          if opts['username'].nil? or opts['username'] == ''
278
            if username and !(username == '')
279
              opts['username'] = username
280
              opts['password'] = password
281
            else
282
              opts['username'] = nil
283
              opts['password'] = nil
284
            end
285
          end
286

287
          if opts[:kerberos_authenticator].nil?
288
            opts[:kerberos_authenticator] = kerberos_authenticator
289
          end
290

291
          return res if (opts['username'].nil? or opts['username'] == '') and opts[:kerberos_authenticator].nil?
292

293
          supported_auths = res.headers['WWW-Authenticate']
294

295
          # if several providers are available, the client may want one in particular
296
          preferred_auth = opts['preferred_auth']
297

298
          if supported_auths.include?('Basic') && (preferred_auth.nil? || preferred_auth == 'Basic')
299
            opts['headers'] ||= {}
300
            opts['headers']['Authorization'] = basic_auth_header(opts['username'], opts['password'])
301
            req = request_cgi(opts)
302
            res = _send_recv(req, t, persist)
303
            return res
304
          elsif supported_auths.include?('Digest') && (preferred_auth.nil? || preferred_auth == 'Digest')
305
            temp_response = digest_auth(opts)
306
            if temp_response.is_a? Rex::Proto::Http::Response
307
              res = temp_response
308
            end
309
            return res
310
          elsif supported_auths.include?('NTLM') && (preferred_auth.nil? || preferred_auth == 'NTLM')
311
            opts['provider'] = 'NTLM'
312
            temp_response = negotiate_auth(opts)
313
            if temp_response.is_a? Rex::Proto::Http::Response
314
              res = temp_response
315
            end
316
            return res
317
          elsif supported_auths.include?('Kerberos') && (preferred_auth.nil? || preferred_auth == 'Kerberos') && kerberos_authenticator
318
            opts['provider'] = 'Kerberos'
319
            temp_response = kerberos_auth(opts, mechanism: Rex::Proto::Gss::Mechanism::KERBEROS)
320
            if temp_response.is_a? Rex::Proto::Http::Response
321
              res = temp_response
322
            end
323
            return res
324
          elsif supported_auths.include?('Negotiate') && (preferred_auth.nil? || preferred_auth == 'Negotiate')
325
            opts['provider'] = 'Negotiate'
326
            temp_response = negotiate_auth(opts)
327
            if temp_response.is_a? Rex::Proto::Http::Response
328
              res = temp_response
329
            end
330
            return res
331
          elsif supported_auths.include?('Negotiate') && (preferred_auth.nil? || preferred_auth == 'Kerberos') && kerberos_authenticator
332
            opts['provider'] = 'Negotiate'
333
            temp_response = kerberos_auth(opts, mechanism: Rex::Proto::Gss::Mechanism::SPNEGO)
334
            if temp_response.is_a? Rex::Proto::Http::Response
335
              res = temp_response
336
            end
337
            return res
338
          end
339
          return res
340
        end
341

342
        # Converts username and password into the HTTP Basic authorization
343
        # string.
344
        #
345
        # @return [String] A value suitable for use as an Authorization header
346
        def basic_auth_header(username, password)
347
          auth_str = username.to_s + ':' + password.to_s
348
          'Basic ' + Rex::Text.encode_base64(auth_str)
349
        end
350
        # Send a series of requests to complete Digest Authentication
351
        #
352
        # @param opts [Hash] the options used to build an HTTP request
353
        # @return [Response] the last valid HTTP response we received
354
        def digest_auth(opts = {})
355
          to = opts['timeout'] || 20
356

357
          digest_user = opts['username'] || ''
358
          digest_password = opts['password'] || ''
359

360
          method = opts['method']
361
          path = opts['uri']
362
          iis = true
363
          if (opts['DigestAuthIIS'] == false or config['DigestAuthIIS'] == false)
364
            iis = false
365
          end
366

367
          begin
368
            resp = opts['response']
369

370
            if !resp
371
              # Get authentication-challenge from server, and read out parameters required
372
              r = request_cgi(opts.merge({
373
                'uri' => path,
374
                'method' => method
375
              }))
376
              resp = _send_recv(r, to)
377
              unless resp.is_a? Rex::Proto::Http::Response
378
                return nil
379
              end
380

381
              if resp.code != 401
382
                return resp
383
              end
384
              return resp unless resp.headers['WWW-Authenticate']
385
            end
386

387
            # Don't anchor this regex to the beginning of string because header
388
            # folding makes it appear later when the server presents multiple
389
            # WWW-Authentication options (such as is the case with IIS configured
390
            # for Digest or NTLM).
391
            resp['www-authenticate'] =~ /Digest (.*)/
392

393
            parameters = {}
394
            ::Regexp.last_match(1).split(/,[[:space:]]*/).each do |p|
395
              k, v = p.split('=', 2)
396
              parameters[k] = v.gsub('"', '')
397
            end
398

399
            auth_digest = Rex::Proto::Http::AuthDigest.new
400
            auth = auth_digest.digest(digest_user, digest_password, method, path, parameters, iis)
401

402
            headers = { 'Authorization' => auth.join(', ') }
403
            headers.merge!(opts['headers']) if opts['headers']
404

405
            # Send main request with authentication
406
            r = request_cgi(opts.merge({
407
              'uri' => path,
408
              'method' => method,
409
              'headers' => headers
410
            }))
411
            resp = _send_recv(r, to, true)
412
            unless resp.is_a? Rex::Proto::Http::Response
413
              return nil
414
            end
415

416
            return resp
417
          rescue ::Errno::EPIPE, ::Timeout::Error
418
          end
419
        end
420

421
        def kerberos_auth(opts = {}, mechanism: Rex::Proto::Gss::Mechanism::KERBEROS)
422
          to = opts['timeout'] || 20
423
          auth_result = kerberos_authenticator.authenticate(mechanism: mechanism)
424
          gss_data = auth_result[:security_blob]
425
          gss_data_b64 = Rex::Text.encode_base64(gss_data)
426

427
          # Separate options for the auth requests
428
          auth_opts = opts.clone
429
          auth_opts['headers'] = opts['headers'].clone
430
          case mechanism
431
          when Rex::Proto::Gss::Mechanism::KERBEROS
432
            auth_opts['headers']['Authorization'] = "Kerberos #{gss_data_b64}"
433
          when Rex::Proto::Gss::Mechanism::SPNEGO
434
            auth_opts['headers']['Authorization'] = "Negotiate #{gss_data_b64}"
435
          end
436

437
          if auth_opts['no_body_for_auth']
438
            auth_opts.delete('data')
439
            auth_opts.delete('krb_transform_request')
440
            auth_opts.delete('krb_transform_response')
441
          end
442

443
          begin
444
            # Send the auth request
445
            r = request_cgi(auth_opts)
446
            resp = _send_recv(r, to)
447
            unless resp.is_a? Rex::Proto::Http::Response
448
              return nil
449
            end
450

451
            # Get the challenge and craft the response
452
            response = resp.headers['WWW-Authenticate'].scan(/Kerberos ([A-Z0-9\x2b\x2f=]+)/ni).flatten[0]
453
            return resp unless response
454

455
            decoded = Rex::Text.decode_base64(response)
456
            mutual_auth_result = kerberos_authenticator.parse_gss_init_response(decoded, auth_result[:session_key])
457
            self.krb_encryptor = kerberos_authenticator.get_message_encryptor(mutual_auth_result[:ap_rep_subkey],
458
                                                                              auth_result[:client_sequence_number],
459
                                                                              mutual_auth_result[:server_sequence_number])
460

461
            if opts['no_body_for_auth']
462
              # If the body wasn't sent in the authentication, now do the actual request
463
              r = request_cgi(opts)
464
              resp = _send_recv(r, to, true)
465
            end
466
            return resp
467
          rescue ::Errno::EPIPE, ::Timeout::Error
468
            return nil
469
          end
470
        end
471

472
        #
473
        # Builds a series of requests to complete Negotiate Auth. Works essentially
474
        # the same way as Digest auth. Same pipelining concerns exist.
475
        #
476
        # @option opts (see #send_request_cgi)
477
        # @option opts provider ["Negotiate","NTLM"] What Negotiate provider to use
478
        #
479
        # @return [Response] the last valid HTTP response we received
480
        def negotiate_auth(opts = {})
481
          to = opts['timeout'] || 20
482
          opts['username'] ||= ''
483
          opts['password'] ||= ''
484

485
          if opts['provider'] and opts['provider'].include? 'Negotiate'
486
            provider = 'Negotiate '
487
          else
488
            provider = 'NTLM '
489
          end
490

491
          opts['method'] ||= 'GET'
492
          opts['headers'] ||= {}
493

494
          workstation_name = Rex::Text.rand_text_alpha(rand(6..13))
495
          domain_name = config['domain']
496

497
          ntlm_client = ::Net::NTLM::Client.new(
498
            opts['username'],
499
            opts['password'],
500
            workstation: workstation_name,
501
            domain: domain_name
502
          )
503
          type1 = ntlm_client.init_context
504

505
          begin
506
            # Separate options for the auth requests
507
            auth_opts = opts.clone
508
            auth_opts['headers'] = opts['headers'].clone
509
            auth_opts['headers']['Authorization'] = provider + type1.encode64
510

511
            if auth_opts['no_body_for_auth']
512
              auth_opts.delete('data')
513
              auth_opts.delete('ntlm_transform_request')
514
              auth_opts.delete('ntlm_transform_response')
515
            end
516

517
            # First request to get the challenge
518
            r = request_cgi(auth_opts)
519
            resp = _send_recv(r, to)
520
            unless resp.is_a? Rex::Proto::Http::Response
521
              return nil
522
            end
523

524
            return resp unless resp.code == 401 && resp.headers['WWW-Authenticate']
525

526
            # Get the challenge and craft the response
527
            ntlm_challenge = resp.headers['WWW-Authenticate'].scan(/#{provider}([A-Z0-9\x2b\x2f=]+)/ni).flatten[0]
528
            return resp unless ntlm_challenge
529

530
            ntlm_message_3 = ntlm_client.init_context(ntlm_challenge, channel_binding)
531

532
            self.ntlm_client = ntlm_client
533
            # Send the response
534
            auth_opts['headers']['Authorization'] = "#{provider}#{ntlm_message_3.encode64}"
535
            r = request_cgi(auth_opts)
536
            resp = _send_recv(r, to, true)
537

538
            unless resp.is_a? Rex::Proto::Http::Response
539
              return nil
540
            end
541

542
            if opts['no_body_for_auth']
543
              # If the body wasn't sent in the authentication, now do the actual request
544
              r = request_cgi(opts)
545
              resp = _send_recv(r, to, true)
546
            end
547
            return resp
548
          rescue ::Errno::EPIPE, ::Timeout::Error
549
            return nil
550
          end
551
        end
552

553
        def channel_binding
554
          if !conn.respond_to?(:peer_cert) or conn.peer_cert.nil?
555
            nil
556
          else
557
            Net::NTLM::ChannelBinding.create(OpenSSL::X509::Certificate.new(conn.peer_cert))
558
          end
559
        end
560

561
        # Read a response from the server
562
        #
563
        # Wait at most t seconds for the full response to be read in.
564
        # If t is specified as a negative value, it indicates an indefinite wait cycle.
565
        # If t is specified as nil or 0, it indicates no response parsing is required.
566
        #
567
        # @return [Response]
568
        def read_response(t = -1, opts = {})
569
          # Return a nil response if timeout is nil or 0
570
          return if t.nil? || t == 0
571

572
          resp = Response.new
573
          resp.max_data = config['read_max_data']
574

575
          original_request = opts.fetch(:original_request) { nil }
576
          parse_opts = {}
577
          unless original_request.nil?
578
            parse_opts = { orig_method: original_request.opts['method'] }
579
          end
580

581
          Timeout.timeout((t < 0) ? nil : t) do
582
            rv = nil
583
            while (
584
                     !conn.closed? and
585
                     rv != Packet::ParseCode::Completed and
586
                     rv != Packet::ParseCode::Error
587
                   )
588

589
              begin
590
                buff = conn.get_once(resp.max_data, 1)
591
                rv = resp.parse(buff || '', parse_opts)
592

593
              # Handle unexpected disconnects
594
              rescue ::Errno::EPIPE, ::EOFError, ::IOError
595
                case resp.state
596
                when Packet::ParseState::ProcessingHeader
597
                  resp = nil
598
                when Packet::ParseState::ProcessingBody
599
                  # truncated request, good enough
600
                  resp.error = :truncated
601
                end
602
                break
603
              end
604

605
              # This is a dirty hack for broken HTTP servers
606
              next unless rv == Packet::ParseCode::Completed
607

608
              rbody = resp.body
609
              rbufq = resp.bufq
610

611
              rblob = rbody.to_s + rbufq.to_s
612
              tries = 0
613
              begin
614
                # XXX: This doesn't deal with chunked encoding
615
                while tries < 1000 and resp.headers['Content-Type'] and resp.headers['Content-Type'].start_with?('text/html') and rblob !~ %r{</html>}i
616
                  buff = conn.get_once(-1, 0.05)
617
                  break if !buff
618

619
                  rblob += buff
620
                  tries += 1
621
                end
622
              rescue ::Errno::EPIPE, ::EOFError, ::IOError
623
              end
624

625
              resp.bufq = ''
626
              resp.body = rblob
627
            end
628
          end
629

630
          return resp if !resp
631

632
          # As a last minute hack, we check to see if we're dealing with a 100 Continue here.
633
          # Most of the time this is handled by the parser via check_100()
634
          if resp.proto == '1.1' and resp.code == 100 and !(opts[:skip_100])
635
            # Read the real response from the body if we found one
636
            # If so, our real response became the body, so we re-parse it.
637
            if resp.body.to_s =~ /^HTTP/
638
              body = resp.body
639
              resp = Response.new
640
              resp.max_data = config['read_max_data']
641
              resp.parse(body, parse_opts)
642
            # We found a 100 Continue but didn't read the real reply yet
643
            # Otherwise reread the reply, but don't try this hack again
644
            else
645
              resp = read_response(t, skip_100: true)
646
            end
647
          end
648

649
          resp
650
        rescue Timeout::Error
651
          # Allow partial response due to timeout
652
          resp if config['partial']
653
        end
654

655
        #
656
        # Cleans up any outstanding connections and other resources.
657
        #
658
        def stop
659
          close
660
        end
661

662
        #
663
        # Returns whether or not the conn is valid.
664
        #
665
        def conn?
666
          conn != nil
667
        end
668

669
        #
670
        # Whether or not connections should be pipelined.
671
        #
672
        def pipelining?
673
          pipeline
674
        end
675

676
        #
677
        # Target host addr and port for this connection
678
        #
679
        def peerinfo
680
          if conn
681
            pi = conn.peerinfo || nil
682
            if pi
683
              return {
684
                'addr' => pi.split(':')[0],
685
                'port' => pi.split(':')[1].to_i
686
              }
687
            end
688
          end
689
          nil
690
        end
691

692
        #
693
        # An optional comm to use for creating the underlying socket.
694
        #
695
        attr_accessor :comm
696
        #
697
        # The client request configuration
698
        #
699
        attr_accessor :config
700
        #
701
        # The client request configuration classes
702
        #
703
        attr_accessor :config_types
704
        #
705
        # Whether or not pipelining is in use.
706
        #
707
        attr_accessor :pipeline
708
        #
709
        # The local host of the client.
710
        #
711
        attr_accessor :local_host
712
        #
713
        # The local port of the client.
714
        #
715
        attr_accessor :local_port
716
        #
717
        # The underlying connection.
718
        #
719
        attr_accessor :conn
720
        #
721
        # The calling context to pass to the socket
722
        #
723
        attr_accessor :context
724
        #
725
        # The proxy list
726
        #
727
        attr_accessor :proxies
728

729
        # Auth
730
        attr_accessor :username, :password, :kerberos_authenticator
731

732
        # When parsing the request, thunk off the first response from the server, since junk
733
        attr_accessor :junk_pipeline
734

735
        # @return [Rex::Proto::Http::HttpSubscriber] The HTTP subscriber
736
        attr_accessor :subscriber
737

738
        protected
739

740
        # https
741
        attr_accessor :ssl, :ssl_version # :nodoc:
742

743
        attr_accessor :hostname, :port # :nodoc:
744

745
        #
746
        # The SSL key log file for the connected socket.
747
        #
748
        # @return [String]
749
        attr_accessor :sslkeylogfile
750

751
        #
752
        # The established NTLM connection info
753
        #
754
        attr_accessor :ntlm_client
755

756
        #
757
        # The established kerberos connection info
758
        #
759
        attr_accessor :krb_encryptor
760
      end
761
    end
762
  end
763
end
764

765