X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=gateway.c;h=5c2f68e8637d8f981fcd3e4028980d5053abac43;hp=e42fec79fd918f49ea6a280fcb34311d98697aee;hb=e8069fb6e7863d3aeea9951c576451f144cac728;hpb=1c005bcfe63756223ed44e736f42e97248354980

diff --git a/gateway.c b/gateway.c
index e42fec79..5c2f68e8 100644
--- a/gateway.c
+++ b/gateway.c
@@ -1,4 +1,4 @@
-const char gateway_rcs[] = "$Id: gateway.c,v 1.94 2015/06/18 15:26:40 fabiankeil Exp $";
+const char gateway_rcs[] = "$Id: gateway.c,v 1.98 2016/10/25 10:45:56 fabiankeil Exp $";
 /*********************************************************************
  *
  * File        :  $Source: /cvsroot/ijbswa/current/gateway.c,v $
@@ -7,7 +7,7 @@ const char gateway_rcs[] = "$Id: gateway.c,v 1.94 2015/06/18 15:26:40 fabiankeil
  *                using a "forwarder" (i.e. HTTP proxy and/or a SOCKS4
  *                or SOCKS5 proxy).
  *
- * Copyright   :  Written by and Copyright (C) 2001-2009 the
+ * Copyright   :  Written by and Copyright (C) 2001-2016 the
  *                Privoxy team. http://www.privoxy.org/
  *
  *                Based on the Internet Junkbuster originally written
@@ -635,6 +635,7 @@ jb_socket forwarded_connect(const struct forward_spec * fwd,
    switch (fwd->type)
    {
       case SOCKS_NONE:
+      case FORWARD_WEBSERVER:
          sfd = connect_to(dest_host, dest_port, csp);
          break;
       case SOCKS_4:
@@ -934,9 +935,12 @@ static jb_socket socks5_connect(const struct forward_spec *fwd,
                                 int target_port,
                                 struct client_state *csp)
 {
+#define SIZE_SOCKS5_REPLY_IPV4 10
+#define SIZE_SOCKS5_REPLY_IPV6 22
+#define SOCKS5_REPLY_DIFFERENCE (SIZE_SOCKS5_REPLY_IPV6 - SIZE_SOCKS5_REPLY_IPV4)
    int err = 0;
    char cbuf[300];
-   char sbuf[10];
+   char sbuf[SIZE_SOCKS5_REPLY_IPV6];
    size_t client_pos = 0;
    int server_size = 0;
    size_t hostlen = 0;
@@ -1133,8 +1137,8 @@ static jb_socket socks5_connect(const struct forward_spec *fwd,
       }
    }
 
-   server_size = read_socket(sfd, sbuf, sizeof(sbuf));
-   if (server_size != sizeof(sbuf))
+   server_size = read_socket(sfd, sbuf, SIZE_SOCKS5_REPLY_IPV4);
+   if (server_size != SIZE_SOCKS5_REPLY_IPV4)
    {
       errstr = "SOCKS5 negotiation read failed";
    }
@@ -1154,7 +1158,28 @@ static jb_socket socks5_connect(const struct forward_spec *fwd,
       }
       else
       {
-         return(sfd);
+         if (sbuf[3] == '\x04')
+         {
+            /*
+             * The address field contains an IPv6 address
+             * which means we didn't get the whole reply
+             * yet. Read and discard the rest of it to make
+             * sure it isn't treated as HTTP data later on.
+             */
+            server_size = read_socket(sfd, sbuf, SOCKS5_REPLY_DIFFERENCE);
+            if (server_size != SOCKS5_REPLY_DIFFERENCE)
+            {
+               errstr = "SOCKS5 negotiation read failed (IPv6 address)";
+            }
+         }
+         else if (sbuf[3] != '\x01')
+         {
+             errstr = "SOCKS5 reply contains unsupported address type";
+         }
+         if (errstr == NULL)
+         {
+            return(sfd);
+         }
       }
    }