From: Fabian Keil Date: Sun, 23 Oct 2011 11:20:51 +0000 (+0000) Subject: In socks5_connect(), require a complete socks response from the server X-Git-Tag: v_3_0_18~79 X-Git-Url: http://www.privoxy.org/gitweb/templates.html?a=commitdiff_plain;h=4e07c90604ddcd82e971cc96a1d66dea934b18c7;p=privoxy.git In socks5_connect(), require a complete socks response from the server Previously we didn't care how much data the server response contained as long as the first two bytes contained the expected values. While at it, shrink the buffer size so we can't read more than a whole socks response. This is required to support Tor's optimistic data extension. --- diff --git a/gateway.c b/gateway.c index 851665ad..de245723 100644 --- a/gateway.c +++ b/gateway.c @@ -1,4 +1,4 @@ -const char gateway_rcs[] = "$Id: gateway.c,v 1.78 2011/09/18 14:42:43 fabiankeil Exp $"; +const char gateway_rcs[] = "$Id: gateway.c,v 1.79 2011/10/16 12:37:12 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/gateway.c,v $ @@ -943,7 +943,7 @@ static jb_socket socks5_connect(const struct forward_spec *fwd, { int err = 0; char cbuf[300]; - char sbuf[30]; + char sbuf[10]; size_t client_pos = 0; int server_size = 0; size_t hostlen = 0; @@ -1090,18 +1090,11 @@ static jb_socket socks5_connect(const struct forward_spec *fwd, } server_size = read_socket(sfd, sbuf, sizeof(sbuf)); - if (server_size < 3) + if (server_size != sizeof(sbuf)) { errstr = "SOCKS5 negotiation read failed"; err = 1; } - else if (server_size > 20) - { - /* This is somewhat unexpected but doesn't really matter. */ - log_error(LOG_LEVEL_CONNECT, "socks5_connect: read %d bytes " - "from socks server. Would have accepted up to %d.", - server_size, sizeof(sbuf)); - } if (!err) {