From d1c27f232cfde582e176b277933b485ea84ac845 Mon Sep 17 00:00:00 2001
From: okan <>
Date: Sat, 12 Feb 2011 15:54:18 +0000
Subject: fix from pr 6207.  a bit more of an explanation: we write the correct
 number of bits when connecting via a SOCKS 5 proxy over ipv6, but we also
 need to read the same number depending on the received address type.  this
 issue is not noticeable with ssh's SOCKS 5 support since it always set the
 address type as ipv4.  this fixes connections via SOCKS 5 proxies which set
 their address type as ipv6 when using ipv6.

after review with, and ok, nicm@
---
 src/usr.bin/nc/socks.c | 22 ++++++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/src/usr.bin/nc/socks.c b/src/usr.bin/nc/socks.c
index b38dff741e..71108d543b 100644
--- a/src/usr.bin/nc/socks.c
+++ b/src/usr.bin/nc/socks.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: socks.c,v 1.18 2010/04/20 07:26:35 nicm Exp $	*/
+/*	$OpenBSD: socks.c,v 1.19 2011/02/12 15:54:18 okan Exp $	*/
 
 /*
  * Copyright (c) 1999 Niklas Hallqvist.  All rights reserved.
@@ -222,11 +222,25 @@ socks_connect(const char *host, const char *port,
 		if (cnt != wlen)
 			err(1, "write failed (%zu/%zu)", cnt, wlen);
 
-		cnt = atomicio(read, proxyfd, buf, 10);
-		if (cnt != 10)
-			err(1, "read failed (%zu/10)", cnt);
+		cnt = atomicio(read, proxyfd, buf, 4);
+		if (cnt != 4)
+			err(1, "read failed (%zu/4)", cnt);
 		if (buf[1] != 0)
 			errx(1, "connection failed, SOCKS error %d", buf[1]);
+		switch (buf[3]) {
+		case SOCKS_IPV4:
+			cnt = atomicio(read, proxyfd, buf + 4, 6);
+			if (cnt != 6)
+				err(1, "read failed (%d/6)", cnt);
+			break;
+		case SOCKS_IPV6:
+			cnt = atomicio(read, proxyfd, buf + 4, 18);
+			if (cnt != 18)
+				err(1, "read failed (%d/18)", cnt);
+			break;
+		default:
+			errx(1, "connection failed, unsupported address type");
+		}
 	} else if (socksv == 4) {
 		/* This will exit on lookup failure */
 		decode_addrport(host, port, (struct sockaddr *)&addr,
-- 
cgit v1.2.3-55-g6feb