SOCKS5 Bytestreams ("S5B")
out-of-band bytestream
Requester
The entity that starts a bytestream negotiation with a Target. [7]
Target
The entity with which the Requester is attempting to establish a bytestream.
Proxy
An entity that is willing to be a middleman for the bytestream between the Requester and the Target.
StreamHost
The system that the Target connects to and that is "hosting" the bytestream; the StreamHost can be either the Requester or a Proxy.
StreamID
A relatively unique Stream ID for this connection; this is generated by the Requester for tracking purposes and MUST be less than 128 characters in length.
* "----" ... communications over XMPP
* "____" ... communications over TCP
* "\\\\" and "////" ... communications over SOCKS 5
* "====" ... communications over the bytestream itself
Direct Connections
In this situation, the StreamHost is the Requester.
Requester                           Target
    |                                  |
    |   Send S5B initiation request    |
    | -------------------------------> |
    |                                  |
    |         Open TCP socket          |
    | <_______________________________ |
    |                                  |
    |    Request SOCKS 5 connection    |
    | <\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ |
    |                                  |
    |  Acknowledge SOCKS 5 connection  |
    | ///////////////////////////////> |
    |                                  |
    |       Send S5B acceptance        |
    | <------------------------------- |
    |                                  |
    |      Exchange data over S5B      |
    | <==============================> |
    |                                  |
1. Requester Initiates S5B Negotiation
    <iq from='[email protected]/foo'
        id='hu3vax16'
        to='[email protected]/bar'
        type='set'>
      <query xmlns='http://jabber.org/protocol/bytestreams'
             sid='vxf9n471bn46'>
        <streamhost
            jid='[email protected]/foo'
            host='192.168.4.1'
            port='5086'/>
      </query>
    </iq>
2. The Target attempts to open a standard TCP socket on the network address of the StreamHost/Requester.
3. Target Establishes SOCKS5 Connection with StreamHost
    CMD = X'01'
    ATYP = X'03'
    DST.ADDR = SHA1 Hash of: (SID + Requester JID + Target JID)
    DST.PORT = 0
4. StreamHost Acknowledges Connection
    STATUS = X'00'
5. Target Notifies Requester of Bytestream
    <iq from='[email protected]/bar'
        id='hu3vax16'
        to='[email protected]/foo'
        type='result'>
      <query xmlns='http://jabber.org/protocol/bytestreams'
             sid='vxf9n471bn46'>
        <streamhost-used jid='[email protected]/foo'/>
      </query>
    </iq>
Mediated Connections
In this situation, the StreamHost is not the Requester but a Proxy, which means that the Requester needs to discover the network address of the StreamHost before sending the initiation request to the Target, needs to negotiate a connection with the StreamHost in the same way that the Target does, and needs to ask the StreamHost to activate the bytestream before it can be used.
1. Requester Initiates Negotiation
    <iq from='[email protected]/foo'
        id='npq71g53'
        to='[email protected]/bar'
        type='set'>
      <query xmlns='http://jabber.org/protocol/bytestreams'
             sid='vxf9n471bn46'>
        <streamhost
            host='24.24.24.1'
            jid='streamer.example.com'
            port='7625'/>
      </query>
    </iq>
2. The Target attempts to open a standard TCP socket on the network address of the Proxy.
3. Target Establishes SOCKS5 Connection with StreamHost
    CMD = X'01'
    ATYP = X'03'
    DST.ADDR = SHA1 Hash of: (SID + Requester JID + Target JID)
    DST.PORT = 0
4. StreamHost Acknowledges Connection
    STATUS = X'00'
5. Target Acknowledges Bytestream
    <iq from='[email protected]/bar'
        id='npq71g53'
        to='[email protected]/foo'
        type='result'>
      <query xmlns='http://jabber.org/protocol/bytestreams'
             sid='vxf9n471bn46'>
        <streamhost-used jid='streamer.example.com'/>
      </query>
    </iq>
6. Requester Establishes SOCKS5 Connection with StreamHost
    CMD = X'01'
    ATYP = X'03'
    DST.ADDR = SHA1 Hash of: (SID + Requester JID + Target JID)
    DST.PORT = 0
7. StreamHost Acknowledges Connection to Requester
    STATUS = X'00'
8. Requester Requests Activation of Bytestream
    <iq from='[email protected]/foo'
        id='oqx6t1c9'
        to='streamer.example.com'
        type='set'>
      <query xmlns='http://jabber.org/protocol/bytestreams'
             sid='vxf9n471bn46'>
        <activate>[email protected]/bar</activate>
      </query>
    </iq>
9. Proxy Informs Requester of Activation
    <iq from='streamer.example.com'
        id='oqx6t1c9'
        to='[email protected]/foo'
        type='result'/>
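
The SOCKS5 connection steps above (step 3 in both flows, step 6 in the mediated flow) as an added Python example, not part of the original page: it derives DST.ADDR, frames the request, and shows the check a StreamHost applies before answering STATUS = X'00'. The function names are hypothetical, the JIDs are constructed placeholders because the page's addresses are obscured, and the hex encoding of the hash and the byte layout are taken from XEP-0065 and RFC 1928 rather than from this page.

```python
import hashlib
import hmac
import struct

VER, CMD_CONNECT, ATYP_DOMAIN = 0x05, 0x01, 0x03

def s5b_dst_addr(sid, requester_jid, target_jid):
    """Lowercase hex SHA-1 of SID + Requester JID + Target JID (40 chars)."""
    data = (sid + requester_jid + target_jid).encode("utf-8")
    return hashlib.sha1(data).hexdigest()

def build_connect(dst_addr):
    """Client side: VER CMD RSV ATYP LEN DST.ADDR DST.PORT, with port 0."""
    addr = dst_addr.encode("ascii")
    header = bytes([VER, CMD_CONNECT, 0x00, ATYP_DOMAIN, len(addr)])
    return header + addr + struct.pack("!H", 0)

def check_connect(request, expected_addr):
    """StreamHost side: return the SOCKS5 reply code for a request."""
    if len(request) < 5 or request[0] != VER:
        return 0x01                      # general failure
    if request[1] != CMD_CONNECT:
        return 0x07                      # command not supported
    if request[3] != ATYP_DOMAIN:
        return 0x08                      # address type not supported
    alen = request[4]
    if len(request) != 5 + alen + 2:
        return 0x01                      # truncated or trailing bytes
    addr = request[5:5 + alen]
    (port,) = struct.unpack("!H", request[5 + alen:])
    # Constant-time compare: DST.ADDR ties this TCP connection to the session.
    if port != 0 or not hmac.compare_digest(addr, expected_addr.encode("ascii")):
        return 0x02                      # connection not allowed
    return 0x00                          # STATUS = X'00'

# Constructed sample values: the SID is the one used on this page,
# the JIDs are placeholders.
SID = "vxf9n471bn46"
REQUESTER = "requester@example.com/foo"
TARGET = "target@example.org/bar"

def demo():
    expected = s5b_dst_addr(SID, REQUESTER, TARGET)
    good = build_connect(expected)
    swapped = build_connect(s5b_dst_addr(SID, TARGET, REQUESTER))
    return check_connect(good, expected), check_connect(swapped, expected)

if __name__ == "__main__":
    print([hex(code) for code in demo()])
```

The order of the three inputs matters: swapping the Requester and Target JIDs produces a different DST.ADDR, which the StreamHost rejects.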