[tor-commits] [tor/master] Don't drain extra data when parsing socks auth methods

nickm at torproject.org nickm at torproject.org
Wed Jul 13 16:13:22 UTC 2011


commit ee42fe8fbb85504ceef9335e2854c35e6163a8c3
Author: Nick Mathewson <nickm at torproject.org>
Date:   Wed Jun 29 17:29:33 2011 -0400

    Don't drain extra data when parsing socks auth methods
    
    We added this back in 0649fa14 in 2006, to deal with the case where
    the client unconditionally sent us authentication data.  Hopefully,
    that's not needed any longer, since we now can actually parse
    authentication data.
---
 src/or/buffers.c |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/or/buffers.c b/src/or/buffers.c
index 0e2dbbe..44a492a 100644
--- a/src/or/buffers.c
+++ b/src/or/buffers.c
@@ -1736,9 +1736,9 @@ parse_socks(const char *data, size_t datalen, socks_request_t *req,
           req->reply[1] = '\xFF'; /* reject all methods */
           r=-1;
         }
-        /* remove packet from buf. also remove any other extraneous
-         * bytes, to support broken socks clients. */
-        *drain_out = -1;
+        /* Remove packet from buf. Some SOCKS clients will have sent extra
+         * junk at this point; let's hope it's an authentication message. */
+        *drain_out = 2u + nummethods;
 
         return r;
       }





More information about the tor-commits mailing list