1 files changed, 61 insertions, 5 deletions
diff --git a/src/usr.bin/nc/socks.c b/src/usr.bin/nc/socks.c
index 1b06e0e12d..79b97bbffa 100644
--- a/src/usr.bin/nc/socks.c
+++ b/src/usr.bin/nc/socks.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: socks.c,v 1.21 2015/03/26 21:19:51 tobias Exp $       */
+/*      $OpenBSD: socks.c,v 1.22 2015/12/10 16:49:28 mmcc Exp $ */
 /*
 * Copyright (c) 1999 Niklas Hallqvist.  All rights reserved.
@@ -122,6 +122,58 @@ getproxypass(const char *proxyuser, const char *proxyhost)
        return (pw);
 }
+/*
+ * Error strings adapted from the generally accepted SOCKSv4 spec:
+ *
+ * http://ftp.icm.edu.pl/packages/socks/socks4/SOCKS4.protocol
+ */
+static const char *
+socks4_strerror(int e)
+{
+        switch (e) {
+        case 90:
+                return "Succeeded";
+        case 91:
+                return "Request rejected or failed";
+        case 92:
+                return "SOCKS server cannot connect to identd on the client";
+        case 93:
+                return "Client program and identd report different user-ids";
+        default:
+                return "Unknown error";
+        }
+}
+/*
+ * Error strings taken almost directly from RFC 1928.
+ */
+static const char *
+socks5_strerror(int e)
+{
+        switch (e) {
+        case 0:
+                return "Succeeded";
+        case 1:
+                return "General SOCKS server failure";
+        case 2:
+                return "Connection not allowed by ruleset";
+        case 3:
+                return "Network unreachable";
+        case 4:
+                return "Host unreachable";
+        case 5:
+                return "Connection refused";
+        case 6:
+                return "TTL expired";
+        case 7:
+                return "Command not supported";
+        case 8:
+                return "Address type not supported";
+        default:
+                return "Unknown error";
+        }
+}
 int
 socks_connect(const char *host, const char *port,
    struct addrinfo hints __attribute__ ((__unused__)),
@@ -225,8 +277,10 @@ socks_connect(const char *host, const char *port,
                cnt = atomicio(read, proxyfd, buf, 4);
                if (cnt != 4)
                        err(1, "read failed (%zu/4)", cnt);
-                if (buf[1] != 0)
+                if (buf[1] != 0) {
-                        errx(1, "connection failed, SOCKS error %d", buf[1]);
+                        errx(1, "connection failed, SOCKS error: %s",
+                            socks5_strerror(buf[1]));
+                }
                switch (buf[3]) {
                case SOCKS_IPV4:
                        cnt = atomicio(read, proxyfd, buf + 4, 6);
@@ -261,8 +315,10 @@ socks_connect(const char *host, const char *port,
                cnt = atomicio(read, proxyfd, buf, 8);
                if (cnt != 8)
                        err(1, "read failed (%zu/8)", cnt);
-                if (buf[1] != 90)
+                if (buf[1] != 90) {
-                        errx(1, "connection failed, SOCKS error %d", buf[1]);
+                        errx(1, "connection failed, SOCKS error: %s",
+                            socks4_strerror(buf[1]));
+                }
        } else if (socksv == -1) {
                /* HTTP proxy CONNECT */

diff --git a/src/usr.bin/nc/socks.c b/src/usr.bin/nc/socks.c index 1b06e0e12d..79b97bbffa 100644 --- a/src/usr.bin/nc/socks.c +++ b/src/usr.bin/nc/socks.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: socks.c,v 1.21 2015/03/26 21:19:51 tobias Exp $ */	1	/* $OpenBSD: socks.c,v 1.22 2015/12/10 16:49:28 mmcc Exp $ */
2		2
3	/*	3	/*
4	* Copyright (c) 1999 Niklas Hallqvist. All rights reserved.	4	* Copyright (c) 1999 Niklas Hallqvist. All rights reserved.
@@ -122,6 +122,58 @@ getproxypass(const char proxyuser, const char proxyhost)
122	return (pw);	122	return (pw);
123	}	123	}
124		124
		125	/*
		126	* Error strings adapted from the generally accepted SOCKSv4 spec:
		127	*
		128	* http://ftp.icm.edu.pl/packages/socks/socks4/SOCKS4.protocol
		129	*/
		130	static const char *
		131	socks4_strerror(int e)
		132	{
		133	switch (e) {
		134	case 90:
		135	return "Succeeded";
		136	case 91:
		137	return "Request rejected or failed";
		138	case 92:
		139	return "SOCKS server cannot connect to identd on the client";
		140	case 93:
		141	return "Client program and identd report different user-ids";
		142	default:
		143	return "Unknown error";
		144	}
		145	}
		146
		147	/*
		148	* Error strings taken almost directly from RFC 1928.
		149	*/
		150	static const char *
		151	socks5_strerror(int e)
		152	{
		153	switch (e) {
		154	case 0:
		155	return "Succeeded";
		156	case 1:
		157	return "General SOCKS server failure";
		158	case 2:
		159	return "Connection not allowed by ruleset";
		160	case 3:
		161	return "Network unreachable";
		162	case 4:
		163	return "Host unreachable";
		164	case 5:
		165	return "Connection refused";
		166	case 6:
		167	return "TTL expired";
		168	case 7:
		169	return "Command not supported";
		170	case 8:
		171	return "Address type not supported";
		172	default:
		173	return "Unknown error";
		174	}
		175	}
		176
125	int	177	int
126	socks_connect(const char host, const char port,	178	socks_connect(const char host, const char port,
127	struct addrinfo hints __attribute__ ((__unused__)),	179	struct addrinfo hints __attribute__ ((__unused__)),
@@ -225,8 +277,10 @@ socks_connect(const char host, const char port,
225	cnt = atomicio(read, proxyfd, buf, 4);	277	cnt = atomicio(read, proxyfd, buf, 4);
226	if (cnt != 4)	278	if (cnt != 4)
227	err(1, "read failed (%zu/4)", cnt);	279	err(1, "read failed (%zu/4)", cnt);
228	if (buf[1] != 0)	280	if (buf[1] != 0) {
229	errx(1, "connection failed, SOCKS error %d", buf[1]);	281	errx(1, "connection failed, SOCKS error: %s",
		282	socks5_strerror(buf[1]));
		283	}
230	switch (buf[3]) {	284	switch (buf[3]) {
231	case SOCKS_IPV4:	285	case SOCKS_IPV4:
232	cnt = atomicio(read, proxyfd, buf + 4, 6);	286	cnt = atomicio(read, proxyfd, buf + 4, 6);
@@ -261,8 +315,10 @@ socks_connect(const char host, const char port,
261	cnt = atomicio(read, proxyfd, buf, 8);	315	cnt = atomicio(read, proxyfd, buf, 8);
262	if (cnt != 8)	316	if (cnt != 8)
263	err(1, "read failed (%zu/8)", cnt);	317	err(1, "read failed (%zu/8)", cnt);
264	if (buf[1] != 90)	318	if (buf[1] != 90) {
265	errx(1, "connection failed, SOCKS error %d", buf[1]);	319	errx(1, "connection failed, SOCKS error: %s",
		320	socks4_strerror(buf[1]));
		321	}
266	} else if (socksv == -1) {	322	} else if (socksv == -1) {
267	/* HTTP proxy CONNECT */	323	/* HTTP proxy CONNECT */
268		324