[or-cvs] r9437: If the socks handshake hasn't started, don't send a "DNS res (in tor/trunk: . src/or)
arma at seul.org
arma at seul.org
Sat Jan 27 18:56:14 UTC 2007
Author: arma
Date: 2007-01-27 13:56:13 -0500 (Sat, 27 Jan 2007)
New Revision: 9437
Modified:
tor/trunk/ChangeLog
tor/trunk/src/or/connection_edge.c
Log:
If the socks handshake hasn't started, don't send a
"DNS resolve socks failed" handshake reply; just close it.
Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog 2007-01-27 18:44:17 UTC (rev 9436)
+++ tor/trunk/ChangeLog 2007-01-27 18:56:13 UTC (rev 9437)
@@ -36,6 +36,8 @@
- Expire socks connections if they spend too long waiting for the
handshake to finish. Previously we would let them sit around for
days, if the connecting application didn't close them either.
+ - And if the socks handshake hasn't started, don't send a
+ "DNS resolve socks failed" handshake reply; just close it.
- Stop using C functions that OpenBSD's linker doesn't like.
- Detect and reject DNS replies containing IPv4 or IPv6 records with
an incorrect number of bytes. (Previously, we would ignore the
Modified: tor/trunk/src/or/connection_edge.c
===================================================================
--- tor/trunk/src/or/connection_edge.c 2007-01-27 18:44:17 UTC (rev 9436)
+++ tor/trunk/src/or/connection_edge.c 2007-01-27 18:56:13 UTC (rev 9437)
@@ -380,8 +380,9 @@
if (conn->_base.state == AP_CONN_STATE_SOCKS_WAIT) {
/* extra debugging */
log_fn(severity, LD_APP,
- "Hints: inbuf len %lu, socks: version %d, command %d, "
- "has_finished %d, address %s, port %d.",
+ "Hints: is_reading %d, inbuf len %lu, socks: version %d, "
+ "command %d, has_finished %d, address %s, port %d.",
+ connection_is_reading(TO_CONN(conn)),
(unsigned long)buf_datalen(conn->_base.inbuf),
(int)conn->socks_request->socks_version,
conn->socks_request->command,
@@ -1958,7 +1959,7 @@
memset(buf+2, 0, 6);
replylen = SOCKS4_NETWORK_LEN;
}
- } else {
+ } else if (conn->socks_request->socks_version == 5) {
/* SOCKS5 */
buf[0] = 0x05; /* version */
if (answer_type == RESOLVED_TYPE_IPV4 && answer_len == 4) {
@@ -1988,6 +1989,9 @@
memset(buf+2, 0, 8);
replylen = 10;
}
+ } else {
+ /* no socks version info; don't send anything back */
+ return;
}
connection_ap_handshake_socks_reply(conn, buf, replylen,
(answer_type == RESOLVED_TYPE_IPV4 ||
More information about the tor-commits
mailing list