* using a "forwarder" (i.e. HTTP proxy and/or a SOCKS4
* or SOCKS5 proxy).
*
- * Copyright : Written by and Copyright (C) 2001-2020 the
+ * Copyright : Written by and Copyright (C) 2001-2021 the
* Privoxy team. https://www.privoxy.org/
*
* Based on the Internet Junkbuster originally written
}
+/*********************************************************************
+ *
+ * Function : convert_ipv4_address_to_bytes
+ *
+ * Description : Converts an IPv4 address from string to bytes.
+ *
+ * Parameters :
+ * 1 : address = The IPv4 address string to convert.
+ * 2 : buf = The buffer to write the bytes to.
+ * Must be at least four bytes long.
+ *
+ * Returns : JB_ERR_OK on success, JB_ERR_PARSE otherwise.
+ *
+ *********************************************************************/
+static jb_err convert_ipv4_address_to_bytes(const char *address, char *buf)
+{
+ int i;
+ const char *p = address;
+
+ for (i = 0; i < 4; i++)
+ {
+ unsigned byte;
+ if (1 != sscanf(p, "%u", &byte))
+ {
+ return JB_ERR_PARSE;
+ }
+ if (byte > 255)
+ {
+ return JB_ERR_PARSE;
+ }
+ buf[i] = (char)byte;
+ if (i < 3)
+ {
+ p = strstr(p, ".");
+ if (p == NULL)
+ {
+ return JB_ERR_PARSE;
+ }
+ p++;
+ }
+ }
+
+ return JB_ERR_OK;
+
+}
+
+
/*********************************************************************
*
* Function : socks5_connect
{
#define SIZE_SOCKS5_REPLY_IPV4 10
#define SIZE_SOCKS5_REPLY_IPV6 22
+#define SIZE_SOCKS5_REPLY_DOMAIN 300
#define SOCKS5_REPLY_DIFFERENCE (SIZE_SOCKS5_REPLY_IPV6 - SIZE_SOCKS5_REPLY_IPV4)
int err = 0;
char cbuf[300];
- char sbuf[SIZE_SOCKS5_REPLY_IPV6];
+ char sbuf[SIZE_SOCKS5_REPLY_DOMAIN];
size_t client_pos = 0;
int server_size = 0;
size_t hostlen = 0;
if (!err && (sbuf[1] == '\x02'))
{
- /* check cbuf overflow */
- size_t auth_len = strlen(fwd->auth_username) + strlen(fwd->auth_password) + 3;
- if (auth_len > sizeof(cbuf))
+ if (fwd->auth_username && fwd->auth_password)
+ {
+ /* check cbuf overflow */
+ size_t auth_len = strlen(fwd->auth_username) + strlen(fwd->auth_password) + 3;
+ if (auth_len > sizeof(cbuf))
+ {
+ errstr = "SOCKS5 username and/or password too long";
+ err = 1;
+ }
+ }
+ else
{
- errstr = "SOCKS5 username and/or password too long";
+ errstr = "SOCKS5 server requested authentication while "
+ "no credentials are configured";
err = 1;
}
cbuf[client_pos++] = '\x05'; /* Version */
cbuf[client_pos++] = '\x01'; /* TCP connect */
cbuf[client_pos++] = '\x00'; /* Reserved, must be 0x00 */
- cbuf[client_pos++] = '\x03'; /* Address is domain name */
- cbuf[client_pos++] = (char)(hostlen & 0xffu);
- assert(sizeof(cbuf) - client_pos > (size_t)255);
- /* Using strncpy because we really want the nul byte padding. */
- strncpy(cbuf + client_pos, target_host, sizeof(cbuf) - client_pos);
- client_pos += (hostlen & 0xffu);
+ if (host_is_ip_address(target_host) && NULL == strstr(target_host, ":"))
+ {
+ cbuf[client_pos++] = '\x01'; /* Address is IPv4 address. */
+ if (JB_ERR_OK != convert_ipv4_address_to_bytes(target_host, &cbuf[client_pos]))
+ {
+ errstr = "SOCKS5 error. Failed to convert target address to IP address";
+ csp->error_message = strdup(errstr);
+ log_error(LOG_LEVEL_CONNECT, "%s", errstr);
+ close_socket(sfd);
+ errno = EINVAL;
+ return(JB_INVALID_SOCKET);
+ }
+ client_pos += 4;
+ }
+ else
+ {
+ /*
+ * XXX: This branch is currently also used for IPv6 addresses
+ */
+ cbuf[client_pos++] = '\x03'; /* Address is domain name. */
+ cbuf[client_pos++] = (char)(hostlen & 0xffu);
+ assert(sizeof(cbuf) - client_pos > (size_t)255);
+ /* Using strncpy because we really want the nul byte padding. */
+ strncpy(cbuf + client_pos, target_host, sizeof(cbuf) - client_pos - 1);
+ client_pos += (hostlen & 0xffu);
+ }
cbuf[client_pos++] = (char)((target_port >> 8) & 0xff);
cbuf[client_pos++] = (char)((target_port ) & 0xff);
errstr = "SOCKS5 negotiation read failed (IPv6 address)";
}
}
+ else if (sbuf[3] == '\x03')
+ {
+ /*
+ * The address field contains a domain name
+ * which means we didn't get the whole reply
+ * yet. Read and discard the rest of it to make
+ * sure it isn't treated as HTTP data later on.
+ */
+ unsigned domain_length = (unsigned)sbuf[4];
+ int bytes_left_to_read = 5 + (int)domain_length + 2 - SIZE_SOCKS5_REPLY_IPV4;
+ if (bytes_left_to_read <= 0 || sizeof(sbuf) < bytes_left_to_read)
+ {
+ errstr = "SOCKS5 negotiation read failed (Invalid domain length)";
+ }
+ else
+ {
+ server_size = read_socket(sfd, sbuf, bytes_left_to_read);
+ if (server_size != bytes_left_to_read)
+ {
+ errstr = "SOCKS5 negotiation read failed (Domain name)";
+ }
+ }
+ }
else if (sbuf[3] != '\x01')
{
- errstr = "SOCKS5 reply contains unsupported address type";
+ errstr = "SOCKS5 reply contains unsupported address type";
}
if (errstr == NULL)
{
projects / privoxy.git / blobdiff