<?php
/*****
 Copyright 2016-2017 Hacker Factor. All Rights Reserved.

 This software is provided under a modified MIT License:

 Permission is hereby granted, free of charge, to any person obtaining a
 copy of this software (the "Software"), to deal in the Software without
 restriction, including without limitation the rights to use, copy, modify,
 merge, publish, distribute, sublicense, and/or sell copies of the
 Software, and to permit persons to whom the Software is furnished to do
 so, subject to the following conditions:

 The above copyright notice and this permission notice shall be included in
 all copies or substantial portions of the Software.

 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
 THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
 FROM, OUT OF, OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
 DEALINGS IN THE SOFTWARE.

 In jurisdictions where a warranty must be provided, the Software cannot be
 used.
 *****/

//******************************************************
//******************************************************
// Start Configuration
//******************************************************
//******************************************************
global $RequestDomain; // the hidden service name
global $TargetDomain; // the external server
$RequestDomain = 'archivecrfip2lpi.onion';   // CHANGE THIS to your TOR hidden service
$TargetDomain = 'archive.org';               // CHANGE THIS to your non-TOR domain
$TargetProtocol = 'https'; // What does the non-TOR server use? http or https
$TargetHeaders=array('X-TOR: true'); // custom headers
//******************************************************
//******************************************************
// End Configuration
//******************************************************
//******************************************************

//******************************************************
// GLOBALS
//******************************************************
// Rewrite hostname, so abc.$RequestDomain becomes abc.$TargetDomain
global $RequestHost; // the hidden service name
global $TargetHost;  // the external server
$RequestHost = $_SERVER['HTTP_HOST'];
$TargetHost = str_replace($RequestDomain,$TargetDomain,$RequestHost);

//******************************************************
// Idiot checking and attacker mitigation
//******************************************************
// Only accept requests to $RequestDomain
if (($RequestHost != $RequestDomain) &&
    (substr($RequestHost,-strlen($RequestDomain)-1)!= ".$RequestDomain"))
  {
  return; // unsupported hostname
  }
// No anchors permitted (clear indication of a bot)
if (strpos($_SERVER['REQUEST_URI'],'#')!==false)
  {
  return; // browsers don't send anchors
  }

# Debugging
#error_log("Request=$RequestHost  Target=$TargetHost");
# print_r($_SERVER); exit; // debugging

//******************************************************
//******************************************************

/*****
 Taint(): Very simple string to safe-HTML converter.
 Used by debug code.
 *****/
function Taint($String)
  {
  $String = str_replace("&","&amp;",$String);
  $String = str_replace("<","&lt;",$String);
  $String = str_replace(">","&gt;",$String);
  $String = str_replace("\"","&quot;",$String);
  $String = str_replace("'","&#39;",$String);
  return($String);
  }

/*****************************************
 proxy_request(): Forward the request to $url.
   - Rewrites hostnames as needed.
   - Forwards cookies and other headers.
 Returns: header and data array, or false on error.
 *****************************************/
function proxy_request($method, $data)
  {
  global $RequestDomain;
  global $TargetDomain;
  global $TargetHost;
  global $TargetProtocol;
  global $TargetHeaders;

  // Convert the data array into URL Parameters like a=b&foo=bar etc.
  if (($method == "GET") || ($method == "HEAD"))
    {
    $data = http_build_query($data);
    }
  // echo "DEBUG: $method: '" . print_r($data,true) . "'\n"; exit;
 
  // Set the URL
  $url = $TargetProtocol . "://" . $TargetHost . $_SERVER['REQUEST_URI'];
 
  $ch = curl_init();
  curl_setopt($ch, CURLOPT_URL,$url);
  curl_setopt($ch, CURLOPT_HEADER, true);
  curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
  curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
  if ($method=='POST')
    {
    curl_setopt($ch, CURLOPT_POST, true);
    if ($data) { curl_setopt($ch, CURLOPT_POSTFIELDS, $data); }
    }
  if (isset($_SERVER['HTTP_COOKIE']))
    {
    curl_setopt($ch, CURLOPT_COOKIE, $_SERVER['HTTP_COOKIE']);
    }

  /* Generate request header */
  $header=$TargetHeaders;
  // Disabled application/x-www-form-urlencoded -- breaks file uploads
  //  if ($method=='POST') { $header[]='Content-Type: application/x-www-form-urlencoded'; }
  if (isset($_SERVER['HTTP_USER_AGENT'])) // was there a user-agent?
    { $header[]="User-Agent: " . $_SERVER['HTTP_USER_AGENT']; }
  if (isset($_SERVER['HTTP_REFERER'])) // add referer support
    {
    // Correct referer for target
    $ref=str_replace("$RequestDomain/","$TargetDomain/",$_SERVER['HTTP_REFERER']);
    $header[]="Referer: $ref";
    }
  if (isset($_SERVER['HTTP_IF_MODIFIED_SINCE'])) // add cache support
    { $header[]="If-Modified-Since: " . $_SERVER['HTTP_IF_MODIFIED_SINCE']; }
  if (isset($_SERVER['HTTP_IF_NONE_MATCH'])) // add etag support
    { $header[]="If-None-Match: " . $_SERVER['HTTP_IF_NONE_MATCH']; }
  if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE']))
    { $header[]="Accept-Language: " . $_SERVER['HTTP_ACCEPT_LANGUAGE']; }
// Disable encoding: this proxy doesn't handle gzip and other formats.
//  if (isset($_SERVER['HTTP_ACCEPT_ENCODING']))
//    { $header[]="Accept-Encoding: " . $_SERVER['HTTP_ACCEPT_ENCODING']; }
  if (isset($_SERVER['HTTP_CACHE_CONTROL']))
    { $header[]="Cache-Control: " . $_SERVER['HTTP_CACHE_CONTROL']; }
  curl_setopt($ch, CURLOPT_HTTPHEADER, $header);

  curl_setopt($ch, CURLINFO_HEADER_OUT, true); // debug outbound header

  $response = curl_exec($ch);
  $header_size = curl_getinfo($ch, CURLINFO_HEADER_SIZE);
  $result=array();
  $result['header'] = explode("\r\n",substr($response,0,$header_size));
  $result['content'] = substr($response, $header_size);
  $result['status'] = array_shift($result['header']);
  $result['reqheader'] = curl_getinfo($ch, CURLINFO_HEADER_OUT);

  if (0) // debug (set to '1' to enable network debugging
    {
    // Web site access WILL NOT WORK if debugging is enabled.
    echo "HTTP Env<pre>";
    foreach($_SERVER as $f=>$v)
      {
      if (substr($f,0,5)=='HTTP_') { echo "$f: $v\n"; }
      }
    foreach($_COOKIE as $f=>$v)
      {
      echo "$f: $v\n";
      }
    echo "</pre>\n";
    echo "Request to $TargetDomain: <pre>" . Taint($result['reqheader']) . "</pre>\n";
    echo "Data to $TargetDomain: <pre>" . Taint(print_r($data,true)) . "</pre>\n";
    echo "Reply Status: <pre>" . Taint($result['status'],true) . "</pre>\n";
    echo "Reply from $TargetDomain: <pre>" . Taint(print_r($result['header'],true)) . "</pre>\n";
    echo "Content: <pre>" . Taint($result['content']) . "</pre>\n";
    exit(0);
    }

  curl_close($ch);
  return($result);
  } /* proxy_request() */

/*****************************************
 proxy_reply(): Forward the reply to the client.
   - Rewrites hostnames
   - Forwards cookies and other headers
 Returns: nothing
 *****************************************/
function proxy_reply($response)
  {
  if (!$response) { return; }
  global $RequestDomain;
  global $TargetDomain;

  // Set headers
  header($response['status']);
  foreach($response['header'] as $v)
    {
    $h=explode(": ",$v,2);
    if (!isset($h[1])) { continue; }
    $uf = strtoupper($h[0]);
    if ($uf=='CONTENT-TYPE')
      {
      header($v);
      // Rewrite HTML, CSS, and Javascript, but nothing else
      if ((stripos($h[1],"text/html") !== false) ||
          (stripos($h[1],"text/css") !== false) ||
          (stripos($h[1],"application/x-javascript") !== false))
	{
	// Convert all TOR requests use HTTP (no CA for HTTPS)
	$response['content'] = preg_replace("@(https|HTTPS)://([^/]*$TargetDomain)@",'http://$2',$response['content']);
	// Convert hostname to my host
	$response['content'] = preg_replace("@//([^/]*)$TargetDomain@",'//$1' . $RequestDomain,$response['content']);
	}
      }
    elseif ($uf=='LOCATION')
      {
      // Convert all TOR requests use HTTP (no CA for HTTPS)
      $v = preg_replace("@(https|HTTPS)://([^/]*$TargetDomain)@",'http://$2',$v);
      // Convert hostname to my host
      $v = preg_replace("@$TargetDomain@",$RequestDomain,$v,1);
      header($v,false);
      }
    elseif ($uf=='SET-COOKIE')
      {
      // Convert domain to my domain
      $v = preg_replace("@$TargetDomain@",$RequestDomain,$v);
      header($v,false);
      }
    elseif (($uf=='CACHE-CONTROL') ||
        ($uf=='ETAG') ||
        ($uf=='EXPIRES') ||
        ($uf=='LAST-MODIFIED') ||
        ($uf=='CACHE-CONTROL'))
      {
      header($v);
      }
    }
  echo $response['content'];
  } /* proxy_reply() */

/*****************************************
 prepare_data(): Ensure data from client is passed to server.
 Returns: $data array.
 *****************************************/
function prepare_data($method)
  {
  $data = array();
  if (($method == "GET") || ($method =="HEAD"))
    {
    foreach($_GET as $f=>$v)
      {
      // Protect '@' since that tells curl to include files
      if (!isset($v[0])) { continue; }
      if ($v[0]=='@') { $data[$f]="\\" . $v; }
      else { $data[$f]=$v; }
      }
    }
  elseif ($method=="POST" && count($_POST)>0)
    {
    foreach($_POST as $f=>$v)
      {
      // Protect '@' since that tells curl to include files
      if (!isset($v[0])) { continue; }
      if ($v[0]=='@') { $data[$f]="\\" . $v; }
      else { $data[$f]=$v; }
      }
    if (count($_FILES) > 0)
      {
      // Use '@' to include files
      foreach($_FILES as $f=>$v)
	{
	$data[$f] = '@' . realpath($v['tmp_name']) . ';filename=' . $v['name'];
	}
      }
    }
  return($data); // only support GET, HEAD, or POST
  } /* prepare_data() */

/*************************************************************/
/*************************************************************/
/***** main *****/
/*************************************************************/
/*************************************************************/
$PermitMethod=array("GET","POST","HEAD");
if (!in_array($_SERVER['REQUEST_METHOD'],$PermitMethod))
  {
  return;
  }
$data=prepare_data($_SERVER['REQUEST_METHOD']);
$response = proxy_request($_SERVER['REQUEST_METHOD'], $data);
proxy_reply($response);
return;
?>