From 4e07c90604ddcd82e971cc96a1d66dea934b18c7 Mon Sep 17 00:00:00 2001 From: Fabian Keil Date: Sun, 23 Oct 2011 11:20:51 +0000 Subject: [PATCH] In socks5_connect(), require a complete socks response from the server Previously we didn't care how much data the server response contained as long as the first two bytes contained the expected values. While at it, shrink the buffer size so we can't read more than a whole socks response. This is required to support Tor's optimistic data extension. --- gateway.c | 13 +++---------- 1 file changed, 3 insertions(+), 10 deletions(-) diff --git a/gateway.c b/gateway.c index 851665ad..de245723 100644 --- a/gateway.c +++ b/gateway.c @@ -1,4 +1,4 @@ -const char gateway_rcs[] = "$Id: gateway.c,v 1.78 2011/09/18 14:42:43 fabiankeil Exp $"; +const char gateway_rcs[] = "$Id: gateway.c,v 1.79 2011/10/16 12:37:12 fabiankeil Exp $"; /********************************************************************* * * File : $Source: /cvsroot/ijbswa/current/gateway.c,v $ @@ -943,7 +943,7 @@ static jb_socket socks5_connect(const struct forward_spec *fwd, { int err = 0; char cbuf[300]; - char sbuf[30]; + char sbuf[10]; size_t client_pos = 0; int server_size = 0; size_t hostlen = 0; @@ -1090,18 +1090,11 @@ static jb_socket socks5_connect(const struct forward_spec *fwd, } server_size = read_socket(sfd, sbuf, sizeof(sbuf)); - if (server_size < 3) + if (server_size != sizeof(sbuf)) { errstr = "SOCKS5 negotiation read failed"; err = 1; } - else if (server_size > 20) - { - /* This is somewhat unexpected but doesn't really matter. */ - log_error(LOG_LEVEL_CONNECT, "socks5_connect: read %d bytes " - "from socks server. Would have accepted up to %d.", - server_size, sizeof(sbuf)); - } if (!err) { -- 2.39.2