if (pr->dynamic) {
while (len--) {
if (pr->port >= lenof(pr->hostname)) {
+ /* Request too long. */
if ((pr->dynamic >> 12) == 4) {
/* Send back a SOCKS 4 error before closing. */
char data[8];
}
if (pr->dynamic == 0x5001) {
+ /*
+ * We're receiving a SOCKS request.
+ */
+ unsigned char reply[10]; /* SOCKS5 atyp=1 reply */
int atype, alen = 0;
+
+ /*
+ * Pre-fill reply packet.
+ * In all cases, we set BND.{HOST,ADDR} to 0.0.0.0:0
+ * (atyp=1) in the reply; if we succeed, we don't know
+ * the right answers, and if we fail, they should be
+ * ignored.
+ */
+ memset(reply, 0, lenof(reply));
+ reply[0] = 5; /* VER */
+ reply[3] = 1; /* ATYP = 1 (IPv4, 0.0.0.0:0) */
+
if (pr->port < 6) continue;
atype = (unsigned char)pr->hostname[3];
if (atype == 1) /* IPv4 address */
alen = 1 + (unsigned char)pr->hostname[4];
if (pr->port < 6 + alen) continue;
if (pr->hostname[1] != 1 || pr->hostname[2] != 0) {
- pr->hostname[1] = 1; /* generic failure */
- pr->hostname[2] = 0; /* reserved */
- sk_write(pr->s, pr->hostname, pr->port);
+ /* Not CONNECT or reserved field nonzero - error */
+ reply[1] = 1; /* generic failure */
+ sk_write(pr->s, reply, lenof(reply));
pfd_close(pr->s);
return 1;
}
*/
pr->port = GET_16BIT_MSB_FIRST(pr->hostname+4+alen);
if (atype == 1) {
- pr->hostname[1] = 0; /* succeeded */
- sk_write(pr->s, pr->hostname, alen + 6);
+ /* REP=0 (success) already */
+ sk_write(pr->s, reply, lenof(reply));
sprintf(pr->hostname, "%d.%d.%d.%d",
(unsigned char)pr->hostname[4],
(unsigned char)pr->hostname[5],
(unsigned char)pr->hostname[7]);
goto connect;
} else if (atype == 3) {
- pr->hostname[1] = 0; /* succeeded */
- sk_write(pr->s, pr->hostname, alen + 6);
+ /* REP=0 (success) already */
+ sk_write(pr->s, reply, lenof(reply));
memmove(pr->hostname, pr->hostname + 5, alen-1);
pr->hostname[alen-1] = '\0';
goto connect;
/*
* Unknown address type. (FIXME: support IPv6!)
*/
- pr->hostname[1] = 8; /* atype not supported */
- sk_write(pr->s, pr->hostname, pr->port);
+ reply[1] = 8; /* atype not supported */
+ sk_write(pr->s, reply, lenof(reply));
pfd_close(pr->s);
return 1;
}