3 files changed, 86 insertions, 47 deletions
diff --git a/src/usr.bin/nc/nc.1 b/src/usr.bin/nc/nc.1
index 5c0cc5e244..759be26a31 100644
--- a/src/usr.bin/nc/nc.1
+++ b/src/usr.bin/nc/nc.1
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: nc.1,v 1.21 2002/02/19 22:45:18 ericj Exp $
+.\"     $OpenBSD: nc.1,v 1.22 2002/02/28 18:05:36 markus Exp $
 .\"
 .\" Copyright (c) 1996 David Sacerdote
 .\" All rights reserved.
@@ -39,6 +39,7 @@
 .Op Fl s Ar source ip address
 .Op Fl x Ar proxy address Op :port
 .Op Fl w Ar timeout
+.Op Fl X Ar socks version
 .Op Ar hostname
 .Op Ar port[s]
 .Sh DESCRIPTION
@@ -133,7 +134,7 @@ Requests that
 .Nm
 should connect to
 .Ar hostname
-using a socks5 proxy at address and port.
+using a SOCKS proxy at address and port.
 If port is not specified, port 1080 is used.
 .It Fl z
 Specifies that
@@ -141,6 +142,12 @@ Specifies that
 should just scan for listening daemons, without sending any data to them.
 .It Fl U
 Specifies to use Unix Domain Sockets.
+.It Fl X Ar version
+Requests that
+.Nm
+should use the specified version of the SOCKS protocol when talking to
+a SOCKS proxy.
+If version is not specified, SOCKS version 5 is used.
 .El
 .Sh EXAMPLES
 .Bl -tag -width x
diff --git a/src/usr.bin/nc/netcat.c b/src/usr.bin/nc/netcat.c
index e3c0befef9..dc4fe9e37d 100644
--- a/src/usr.bin/nc/netcat.c
+++ b/src/usr.bin/nc/netcat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: netcat.c,v 1.45 2002/02/19 22:42:04 ericj Exp $ */
+/* $OpenBSD: netcat.c,v 1.46 2002/02/28 18:05:36 markus Exp $ */
 /*
 * Copyright (c) 2001 Eric Jackson <ericj@monkey.org>
 *
@@ -78,7 +78,7 @@ int	local_listen(char *, char *, struct addrinfo);
 void    readwrite(int);
 int     remote_connect(char *, char *, struct addrinfo);
 int     socks_connect(char *, char *, struct addrinfo, char *, char *,
-        struct addrinfo);
+        struct addrinfo, int);
 int     udptest(int);
 int     unix_connect(char *);
 int     unix_listen(char *);
@@ -87,7 +87,7 @@ void	usage(int);
 int
 main(int argc, char *argv[])
 {
-        int ch, s, ret;
+        int ch, s, ret, socksv;
        char *host, *uport, *endp;
        struct addrinfo hints;
        struct servent *sv;
@@ -99,12 +99,13 @@ main(int argc, char *argv[])
        ret = 1;
        s = 0;
+        socksv = 5;
        host = NULL;
        uport = NULL;
        endp = NULL;
        sv = NULL;
-        while ((ch = getopt(argc, argv, "46Uhi:klnp:rs:tuvw:x:z")) != -1) {
+        while ((ch = getopt(argc, argv, "46UX:hi:klnp:rs:tuvw:x:z")) != -1) {
                switch (ch) {
                case '4':
                        family = AF_INET;
@@ -115,6 +116,11 @@ main(int argc, char *argv[])
                case 'U':
                        family = AF_UNIX;
                        break;
+                case 'X':
+                        socksv = (int)strtoul(optarg, &endp, 10);
+                        if ((socksv != 4 && socksv != 5) || *endp != '\0')
+                                errx(1, "only SOCKS version 4 and 5 supported");
+                        break;
                case 'h':
                        help();
                        break;
@@ -306,7 +312,7 @@ main(int argc, char *argv[])
                        if (xflag)
                                s = socks_connect(host, portlist[i], hints,
-                                    proxyhost, proxyport, proxyhints);
+                                    proxyhost, proxyport, proxyhints, socksv);
                        else
                                s = remote_connect(host, portlist[i], hints);
diff --git a/src/usr.bin/nc/socks.c b/src/usr.bin/nc/socks.c
index a68e36af06..af0fe29cff 100644
--- a/src/usr.bin/nc/socks.c
+++ b/src/usr.bin/nc/socks.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: socks.c,v 1.4 2002/02/19 22:42:04 ericj Exp $ */
+/*      $OpenBSD: socks.c,v 1.5 2002/02/28 18:05:36 markus Exp $        */
 /*
 * Copyright (c) 1999 Niklas Hallqvist.  All rights reserved.
@@ -42,7 +42,8 @@
 #include <unistd.h>
 #define SOCKS_PORT      "1080"
-#define SOCKS_VERSION   5
+#define SOCKS_V5        5
+#define SOCKS_V4        4
 #define SOCKS_NOAUTH    0
 #define SOCKS_NOMETHOD  0xff
 #define SOCKS_CONNECT   1
@@ -84,7 +85,8 @@ decode_port (const char *s)
 int
 socks_connect (char *host, char *port, struct addrinfo hints,
-    char *proxyhost, char *proxyport, struct addrinfo proxyhints)
+    char *proxyhost, char *proxyport, struct addrinfo proxyhints,
+    int socksv)
 {
        int proxyfd;
        unsigned char buf[SOCKS_MAXCMDSZ];
@@ -103,43 +105,67 @@ socks_connect (char *host, char *port, struct addrinfo hints,
        serveraddr = decode_addr (host);
        serverport = decode_port (port);
-        /* Version 5, one method: no authentication */
+        if (socksv == 5) {
-        buf[0] = SOCKS_VERSION;
+                /* Version 5, one method: no authentication */
-        buf[1] = 1;
+                buf[0] = SOCKS_V5;
-        buf[2] = SOCKS_NOAUTH;
+                buf[1] = 1;
-        cnt = write (proxyfd, buf, 3);
+                buf[2] = SOCKS_NOAUTH;
-        if (cnt == -1)
+                cnt = write (proxyfd, buf, 3);
-                err (1, "write failed");
+                if (cnt == -1)
-        if (cnt != 3)
+                        err (1, "write failed");
-                errx (1, "short write, %d (expected 3)", cnt);
+                if (cnt != 3)
+                        errx (1, "short write, %d (expected 3)", cnt);
-        read (proxyfd, buf, 2);
-        if (buf[1] == SOCKS_NOMETHOD)
+                read (proxyfd, buf, 2);
-                errx (1, "authentication method negotiation failed");
+                if (buf[1] == SOCKS_NOMETHOD)
+                        errx (1, "authentication method negotiation failed");
-        /* Version 5, connect: IPv4 address */
-        buf[0] = SOCKS_VERSION;
+                /* Version 5, connect: IPv4 address */
-        buf[1] = SOCKS_CONNECT;
+                buf[0] = SOCKS_V5;
-        buf[2] = 0;
+                buf[1] = SOCKS_CONNECT;
-        buf[3] = SOCKS_IPV4;
+                buf[2] = 0;
-        memcpy (buf + 4, &serveraddr, sizeof serveraddr);
+                buf[3] = SOCKS_IPV4;
-        memcpy (buf + 8, &serverport, sizeof serverport);
+                memcpy (buf + 4, &serveraddr, sizeof serveraddr);
+                memcpy (buf + 8, &serverport, sizeof serverport);
-        /* XXX Handle short writes better */
-        cnt = write (proxyfd, buf, 10);
+                /* XXX Handle short writes better */
-        if (cnt == -1)
+                cnt = write (proxyfd, buf, 10);
-                err (1, "write failed");
+                if (cnt == -1)
-        if (cnt != 10)
+                        err (1, "write failed");
-                errx (1, "short write, %d (expected 10)", cnt);
+                if (cnt != 10)
+                        errx (1, "short write, %d (expected 10)", cnt);
-        /* XXX Handle short reads better */
-        cnt = read (proxyfd, buf, sizeof buf);
+                /* XXX Handle short reads better */
-        if (cnt == -1)
+                cnt = read (proxyfd, buf, sizeof buf);
-                err (1, "read failed");
+                if (cnt == -1)
-        if (cnt != 10)
+                        err (1, "read failed");
-                errx (1, "unexpected reply size %d (expected 10)", cnt);
+                if (cnt != 10)
-        if (buf[1] != 0)
+                        errx (1, "unexpected reply size %d (expected 10)", cnt);
-                errx (1, "connection failed, SOCKS error %d", buf[1]);
+                if (buf[1] != 0)
+                        errx (1, "connection failed, SOCKS error %d", buf[1]);
+        } else {
+                /* Version 4 */
+                buf[0] = SOCKS_V4;
+                buf[1] = SOCKS_CONNECT; /* connect */
+                memcpy (buf + 2, &serverport, sizeof serverport);
+                memcpy (buf + 4, &serveraddr, sizeof serveraddr);
+                buf[8] = 0;     /* empty username */
+                cnt = write (proxyfd, buf, 9);
+                if (cnt == -1)
+                        err (1, "write failed");
+                if (cnt != 9)
+                        errx (1, "short write, %d (expected 9)", cnt);
+                /* XXX Handle short reads better */
+                cnt = read (proxyfd, buf, 8);
+                if (cnt == -1)
+                        err (1, "read failed");
+                if (cnt != 8)
+                        errx (1, "unexpected reply size %d (expected 8)", cnt);
+                if (buf[1] != 90)
+                        errx (1, "connection failed, SOCKS error %d", buf[1]);
+        }
        return proxyfd;
 }

diff --git a/src/usr.bin/nc/nc.1 b/src/usr.bin/nc/nc.1 index 5c0cc5e244..759be26a31 100644 --- a/src/usr.bin/nc/nc.1 +++ b/src/usr.bin/nc/nc.1
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: nc.1,v 1.21 2002/02/19 22:45:18 ericj Exp $	1	.\" $OpenBSD: nc.1,v 1.22 2002/02/28 18:05:36 markus Exp $
2	.\"	2	.\"
3	.\" Copyright (c) 1996 David Sacerdote	3	.\" Copyright (c) 1996 David Sacerdote
4	.\" All rights reserved.	4	.\" All rights reserved.
@@ -39,6 +39,7 @@
39	.Op Fl s Ar source ip address	39	.Op Fl s Ar source ip address
40	.Op Fl x Ar proxy address Op :port	40	.Op Fl x Ar proxy address Op :port
41	.Op Fl w Ar timeout	41	.Op Fl w Ar timeout
		42	.Op Fl X Ar socks version
42	.Op Ar hostname	43	.Op Ar hostname
43	.Op Ar port[s]	44	.Op Ar port[s]
44	.Sh DESCRIPTION	45	.Sh DESCRIPTION
@@ -133,7 +134,7 @@ Requests that
133	.Nm	134	.Nm
134	should connect to	135	should connect to
135	.Ar hostname	136	.Ar hostname
136	using a socks5 proxy at address and port.	137	using a SOCKS proxy at address and port.
137	If port is not specified, port 1080 is used.	138	If port is not specified, port 1080 is used.
138	.It Fl z	139	.It Fl z
139	Specifies that	140	Specifies that
@@ -141,6 +142,12 @@ Specifies that
141	should just scan for listening daemons, without sending any data to them.	142	should just scan for listening daemons, without sending any data to them.
142	.It Fl U	143	.It Fl U
143	Specifies to use Unix Domain Sockets.	144	Specifies to use Unix Domain Sockets.
		145	.It Fl X Ar version
		146	Requests that
		147	.Nm
		148	should use the specified version of the SOCKS protocol when talking to
		149	a SOCKS proxy.
		150	If version is not specified, SOCKS version 5 is used.
144	.El	151	.El
145	.Sh EXAMPLES	152	.Sh EXAMPLES
146	.Bl -tag -width x	153	.Bl -tag -width x


diff --git a/src/usr.bin/nc/netcat.c b/src/usr.bin/nc/netcat.c index e3c0befef9..dc4fe9e37d 100644 --- a/src/usr.bin/nc/netcat.c +++ b/src/usr.bin/nc/netcat.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: netcat.c,v 1.45 2002/02/19 22:42:04 ericj Exp $ */	1	/* $OpenBSD: netcat.c,v 1.46 2002/02/28 18:05:36 markus Exp $ */
2	/*	2	/*
3	* Copyright (c) 2001 Eric Jackson <ericj@monkey.org>	3	* Copyright (c) 2001 Eric Jackson <ericj@monkey.org>
4	*	4	*
@@ -78,7 +78,7 @@ int local_listen(char , char , struct addrinfo);
78	void readwrite(int);	78	void readwrite(int);
79	int remote_connect(char , char , struct addrinfo);	79	int remote_connect(char , char , struct addrinfo);
80	int socks_connect(char , char , struct addrinfo, char , char ,	80	int socks_connect(char , char , struct addrinfo, char , char ,
81	struct addrinfo);	81	struct addrinfo, int);
82	int udptest(int);	82	int udptest(int);
83	int unix_connect(char *);	83	int unix_connect(char *);
84	int unix_listen(char *);	84	int unix_listen(char *);
@@ -87,7 +87,7 @@ void usage(int);
87	int	87	int
88	main(int argc, char *argv[])	88	main(int argc, char *argv[])
89	{	89	{
90	int ch, s, ret;	90	int ch, s, ret, socksv;
91	char host, uport, *endp;	91	char host, uport, *endp;
92	struct addrinfo hints;	92	struct addrinfo hints;
93	struct servent *sv;	93	struct servent *sv;
@@ -99,12 +99,13 @@ main(int argc, char *argv[])
99		99
100	ret = 1;	100	ret = 1;
101	s = 0;	101	s = 0;
		102	socksv = 5;
102	host = NULL;	103	host = NULL;
103	uport = NULL;	104	uport = NULL;
104	endp = NULL;	105	endp = NULL;
105	sv = NULL;	106	sv = NULL;
106		107
107	while ((ch = getopt(argc, argv, "46Uhi:klnp:rs:tuvw:x:z")) != -1) {	108	while ((ch = getopt(argc, argv, "46UX:hi:klnp:rs:tuvw:x:z")) != -1) {
108	switch (ch) {	109	switch (ch) {
109	case '4':	110	case '4':
110	family = AF_INET;	111	family = AF_INET;
@@ -115,6 +116,11 @@ main(int argc, char *argv[])
115	case 'U':	116	case 'U':
116	family = AF_UNIX;	117	family = AF_UNIX;
117	break;	118	break;
		119	case 'X':
		120	socksv = (int)strtoul(optarg, &endp, 10);
		121	if ((socksv != 4 && socksv != 5) \|\| *endp != '\0')
		122	errx(1, "only SOCKS version 4 and 5 supported");
		123	break;
118	case 'h':	124	case 'h':
119	help();	125	help();
120	break;	126	break;
@@ -306,7 +312,7 @@ main(int argc, char *argv[])
306		312
307	if (xflag)	313	if (xflag)
308	s = socks_connect(host, portlist[i], hints,	314	s = socks_connect(host, portlist[i], hints,
309	proxyhost, proxyport, proxyhints);	315	proxyhost, proxyport, proxyhints, socksv);
310	else	316	else
311	s = remote_connect(host, portlist[i], hints);	317	s = remote_connect(host, portlist[i], hints);
312		318


diff --git a/src/usr.bin/nc/socks.c b/src/usr.bin/nc/socks.c index a68e36af06..af0fe29cff 100644 --- a/src/usr.bin/nc/socks.c +++ b/src/usr.bin/nc/socks.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: socks.c,v 1.4 2002/02/19 22:42:04 ericj Exp $ */	1	/* $OpenBSD: socks.c,v 1.5 2002/02/28 18:05:36 markus Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 1999 Niklas Hallqvist. All rights reserved.	4	* Copyright (c) 1999 Niklas Hallqvist. All rights reserved.
@@ -42,7 +42,8 @@
42	#include <unistd.h>	42	#include <unistd.h>
43		43
44	#define SOCKS_PORT "1080"	44	#define SOCKS_PORT "1080"
45	#define SOCKS_VERSION 5	45	#define SOCKS_V5 5
		46	#define SOCKS_V4 4
46	#define SOCKS_NOAUTH 0	47	#define SOCKS_NOAUTH 0
47	#define SOCKS_NOMETHOD 0xff	48	#define SOCKS_NOMETHOD 0xff
48	#define SOCKS_CONNECT 1	49	#define SOCKS_CONNECT 1
@@ -84,7 +85,8 @@ decode_port (const char *s)
84		85
85	int	86	int
86	socks_connect (char host, char port, struct addrinfo hints,	87	socks_connect (char host, char port, struct addrinfo hints,
87	char proxyhost, char proxyport, struct addrinfo proxyhints)	88	char proxyhost, char proxyport, struct addrinfo proxyhints,
		89	int socksv)
88	{	90	{
89	int proxyfd;	91	int proxyfd;
90	unsigned char buf[SOCKS_MAXCMDSZ];	92	unsigned char buf[SOCKS_MAXCMDSZ];
@@ -103,43 +105,67 @@ socks_connect (char host, char port, struct addrinfo hints,
103	serveraddr = decode_addr (host);	105	serveraddr = decode_addr (host);
104	serverport = decode_port (port);	106	serverport = decode_port (port);
105		107
106	/* Version 5, one method: no authentication */	108	if (socksv == 5) {
107	buf[0] = SOCKS_VERSION;	109	/* Version 5, one method: no authentication */
108	buf[1] = 1;	110	buf[0] = SOCKS_V5;
109	buf[2] = SOCKS_NOAUTH;	111	buf[1] = 1;
110	cnt = write (proxyfd, buf, 3);	112	buf[2] = SOCKS_NOAUTH;
111	if (cnt == -1)	113	cnt = write (proxyfd, buf, 3);
112	err (1, "write failed");	114	if (cnt == -1)
113	if (cnt != 3)	115	err (1, "write failed");
114	errx (1, "short write, %d (expected 3)", cnt);	116	if (cnt != 3)
115		117	errx (1, "short write, %d (expected 3)", cnt);
116	read (proxyfd, buf, 2);	118
117	if (buf[1] == SOCKS_NOMETHOD)	119	read (proxyfd, buf, 2);
118	errx (1, "authentication method negotiation failed");	120	if (buf[1] == SOCKS_NOMETHOD)
119		121	errx (1, "authentication method negotiation failed");
120	/* Version 5, connect: IPv4 address */	122
121	buf[0] = SOCKS_VERSION;	123	/* Version 5, connect: IPv4 address */
122	buf[1] = SOCKS_CONNECT;	124	buf[0] = SOCKS_V5;
123	buf[2] = 0;	125	buf[1] = SOCKS_CONNECT;
124	buf[3] = SOCKS_IPV4;	126	buf[2] = 0;
125	memcpy (buf + 4, &serveraddr, sizeof serveraddr);	127	buf[3] = SOCKS_IPV4;
126	memcpy (buf + 8, &serverport, sizeof serverport);	128	memcpy (buf + 4, &serveraddr, sizeof serveraddr);
127		129	memcpy (buf + 8, &serverport, sizeof serverport);
128	/* XXX Handle short writes better */	130
129	cnt = write (proxyfd, buf, 10);	131	/* XXX Handle short writes better */
130	if (cnt == -1)	132	cnt = write (proxyfd, buf, 10);
131	err (1, "write failed");	133	if (cnt == -1)
132	if (cnt != 10)	134	err (1, "write failed");
133	errx (1, "short write, %d (expected 10)", cnt);	135	if (cnt != 10)
134		136	errx (1, "short write, %d (expected 10)", cnt);
135	/* XXX Handle short reads better */	137
136	cnt = read (proxyfd, buf, sizeof buf);	138	/* XXX Handle short reads better */
137	if (cnt == -1)	139	cnt = read (proxyfd, buf, sizeof buf);
138	err (1, "read failed");	140	if (cnt == -1)
139	if (cnt != 10)	141	err (1, "read failed");
140	errx (1, "unexpected reply size %d (expected 10)", cnt);	142	if (cnt != 10)
141	if (buf[1] != 0)	143	errx (1, "unexpected reply size %d (expected 10)", cnt);
142	errx (1, "connection failed, SOCKS error %d", buf[1]);	144	if (buf[1] != 0)
		145	errx (1, "connection failed, SOCKS error %d", buf[1]);
		146	} else {
		147	/* Version 4 */
		148	buf[0] = SOCKS_V4;
		149	buf[1] = SOCKS_CONNECT; /* connect */
		150	memcpy (buf + 2, &serverport, sizeof serverport);
		151	memcpy (buf + 4, &serveraddr, sizeof serveraddr);
		152	buf[8] = 0; /* empty username */
		153
		154	cnt = write (proxyfd, buf, 9);
		155	if (cnt == -1)
		156	err (1, "write failed");
		157	if (cnt != 9)
		158	errx (1, "short write, %d (expected 9)", cnt);
		159
		160	/* XXX Handle short reads better */
		161	cnt = read (proxyfd, buf, 8);
		162	if (cnt == -1)
		163	err (1, "read failed");
		164	if (cnt != 8)
		165	errx (1, "unexpected reply size %d (expected 8)", cnt);
		166	if (buf[1] != 90)
		167	errx (1, "connection failed, SOCKS error %d", buf[1]);
		168	}
143		169
144	return proxyfd;	170	return proxyfd;
145	}	171	}