commit 0bfaf86612eddbd586d648f3b642dac26f134fca Author: Roger Dingledine arma@torproject.org Date: Wed May 15 03:34:37 2013 -0400

Fix socks5 handshake for username/password auth

The fix for bug 8117 exposed this bug, and it turns out real-world applications like Pidgin do care. Bugfix on 0.2.3.2-alpha; fixes bug 8879. --- changes/bug8879 | 5 +++++ src/or/buffers.c | 2 +- 2 files changed, 6 insertions(+), 1 deletions(-)

diff --git a/changes/bug8879 b/changes/bug8879 new file mode 100644 index 0000000..0d2a700 --- /dev/null +++ b/changes/bug8879 @@ -0,0 +1,5 @@ + o Major bugfixes: + - Follow the socks5 protocol when offering username/password + authentication. The fix for bug 8117 exposed this bug, and it + turns out real-world applications like Pidgin do care. Bugfix on + 0.2.3.2-alpha; fixes bug 8879. diff --git a/src/or/buffers.c b/src/or/buffers.c index d063d23..c4c847e 100644 --- a/src/or/buffers.c +++ b/src/or/buffers.c @@ -1751,7 +1751,7 @@ parse_socks(const char *data, size_t datalen, socks_request_t *req, return 0; } req->replylen = 2; /* 2 bytes of response */ - req->reply[0] = 5; + req->reply[0] = 1; /* authversion == 1 */ req->reply[1] = 0; /* authentication successful */ log_debug(LD_APP, "socks5: Accepted username/password without checking.");