diff options
| author | okan <> | 2011-02-12 15:54:18 +0000 |
|---|---|---|
| committer | okan <> | 2011-02-12 15:54:18 +0000 |
| commit | d1c27f232cfde582e176b277933b485ea84ac845 (patch) | |
| tree | 354cb6c523591b1733d85579a2bfc4a9957b9af5 | |
| parent | b35fdb6ff39ff4535528cc5246fd9dbe3465eed4 (diff) | |
| download | openbsd-d1c27f232cfde582e176b277933b485ea84ac845.tar.gz openbsd-d1c27f232cfde582e176b277933b485ea84ac845.tar.bz2 openbsd-d1c27f232cfde582e176b277933b485ea84ac845.zip | |
fix from pr 6207. a bit more of an explanation: we write the correct
number of bits when connecting via a SOCKS 5 proxy over ipv6, but we
also need to read the same number depending on the received address
type. this issue is not noticeable with ssh's SOCKS 5 support since it
always set the address type as ipv4. this fixes connections via SOCKS 5
proxies which set their address type as ipv6 when using ipv6.
after review with, and ok, nicm@
| -rw-r--r-- | src/usr.bin/nc/socks.c | 22 |
1 files changed, 18 insertions, 4 deletions
diff --git a/src/usr.bin/nc/socks.c b/src/usr.bin/nc/socks.c index b38dff741e..71108d543b 100644 --- a/src/usr.bin/nc/socks.c +++ b/src/usr.bin/nc/socks.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: socks.c,v 1.18 2010/04/20 07:26:35 nicm Exp $ */ | 1 | /* $OpenBSD: socks.c,v 1.19 2011/02/12 15:54:18 okan Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 1999 Niklas Hallqvist. All rights reserved. | 4 | * Copyright (c) 1999 Niklas Hallqvist. All rights reserved. |
| @@ -222,11 +222,25 @@ socks_connect(const char *host, const char *port, | |||
| 222 | if (cnt != wlen) | 222 | if (cnt != wlen) |
| 223 | err(1, "write failed (%zu/%zu)", cnt, wlen); | 223 | err(1, "write failed (%zu/%zu)", cnt, wlen); |
| 224 | 224 | ||
| 225 | cnt = atomicio(read, proxyfd, buf, 10); | 225 | cnt = atomicio(read, proxyfd, buf, 4); |
| 226 | if (cnt != 10) | 226 | if (cnt != 4) |
| 227 | err(1, "read failed (%zu/10)", cnt); | 227 | err(1, "read failed (%zu/4)", cnt); |
| 228 | if (buf[1] != 0) | 228 | if (buf[1] != 0) |
| 229 | errx(1, "connection failed, SOCKS error %d", buf[1]); | 229 | errx(1, "connection failed, SOCKS error %d", buf[1]); |
| 230 | switch (buf[3]) { | ||
| 231 | case SOCKS_IPV4: | ||
| 232 | cnt = atomicio(read, proxyfd, buf + 4, 6); | ||
| 233 | if (cnt != 6) | ||
| 234 | err(1, "read failed (%d/6)", cnt); | ||
| 235 | break; | ||
| 236 | case SOCKS_IPV6: | ||
| 237 | cnt = atomicio(read, proxyfd, buf + 4, 18); | ||
| 238 | if (cnt != 18) | ||
| 239 | err(1, "read failed (%d/18)", cnt); | ||
| 240 | break; | ||
| 241 | default: | ||
| 242 | errx(1, "connection failed, unsupported address type"); | ||
| 243 | } | ||
| 230 | } else if (socksv == 4) { | 244 | } else if (socksv == 4) { |
| 231 | /* This will exit on lookup failure */ | 245 | /* This will exit on lookup failure */ |
| 232 | decode_addrport(host, port, (struct sockaddr *)&addr, | 246 | decode_addrport(host, port, (struct sockaddr *)&addr, |