[or-cvs] r9437: If the socks handshake hasn't started, don't send a "DNS res (in tor/trunk: . src/or)

arma at seul.org arma at seul.org
Sat Jan 27 18:56:14 UTC 2007 

Author: arma
Date: 2007-01-27 13:56:13 -0500 (Sat, 27 Jan 2007)
New Revision: 9437

Modified:
   tor/trunk/ChangeLog
   tor/trunk/src/or/connection_edge.c
Log:
If the socks handshake hasn't started, don't send a
"DNS resolve socks failed" handshake reply; just close it.


Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog	2007-01-27 18:44:17 UTC (rev 9436)
+++ tor/trunk/ChangeLog	2007-01-27 18:56:13 UTC (rev 9437)
@@ -36,6 +36,8 @@
     - Expire socks connections if they spend too long waiting for the
       handshake to finish. Previously we would let them sit around for
       days, if the connecting application didn't close them either.
+    - And if the socks handshake hasn't started, don't send a
+      "DNS resolve socks failed" handshake reply; just close it.
     - Stop using C functions that OpenBSD's linker doesn't like.
     - Detect and reject DNS replies containing IPv4 or IPv6 records with
       an incorrect number of bytes. (Previously, we would ignore the

Modified: tor/trunk/src/or/connection_edge.c
===================================================================
--- tor/trunk/src/or/connection_edge.c	2007-01-27 18:44:17 UTC (rev 9436)
+++ tor/trunk/src/or/connection_edge.c	2007-01-27 18:56:13 UTC (rev 9437)
@@ -380,8 +380,9 @@
           if (conn->_base.state == AP_CONN_STATE_SOCKS_WAIT) {
             /* extra debugging */
             log_fn(severity, LD_APP,
-                   "Hints: inbuf len %lu, socks: version %d, command %d, "
-                   "has_finished %d, address %s, port %d.",
+                   "Hints: is_reading %d, inbuf len %lu, socks: version %d, "
+                   "command %d, has_finished %d, address %s, port %d.",
+                   connection_is_reading(TO_CONN(conn)),
                    (unsigned long)buf_datalen(conn->_base.inbuf),
                    (int)conn->socks_request->socks_version,
                    conn->socks_request->command,
@@ -1958,7 +1959,7 @@
       memset(buf+2, 0, 6);
       replylen = SOCKS4_NETWORK_LEN;
     }
-  } else {
+  } else if (conn->socks_request->socks_version == 5) {
     /* SOCKS5 */
     buf[0] = 0x05; /* version */
     if (answer_type == RESOLVED_TYPE_IPV4 && answer_len == 4) {
@@ -1988,6 +1989,9 @@
       memset(buf+2, 0, 8);
       replylen = 10;
     }
+  } else {
+    /* no socks version info; don't send anything back */
+    return;
   }
   connection_ap_handshake_socks_reply(conn, buf, replylen,
           (answer_type == RESOLVED_TYPE_IPV4 ||

More information about the tor-commits mailing list