diff options
author | rofl0r <retnyg@gmx.net> | 2015-06-14 14:07:19 +0300 |
---|---|---|
committer | rofl0r <retnyg@gmx.net> | 2015-06-14 14:10:32 +0300 |
commit | 9969dd3a227abe06c8f7c2f4c217607c344fb6bd (patch) | |
tree | 55f8c47e5ae74ac0cea1fdf310e088c431b8a9ca | |
parent | d900b090fe63612704168604f3c200ecdf94ebcd (diff) |
fix socks5 bug: always requested user auth cap
since "user" always points to a statically allocated string buffer,
the test for if(user)... was bogus.
use ulen instead.
this bug should only be visible on socks servers that require auth
if username was not passed, so it was probably not really an issue.
-rw-r--r-- | src/core.c | 10 |
1 files changed, 5 insertions, 5 deletions
@@ -227,7 +227,7 @@ static int tunnel_to(int sock, ip_type ip, unsigned short port, proxy_type pt, c #define HTTP_AUTH_MAX ((0xFF * 2) + 1 + 1) /* 2 * 0xff: username and pass, plus 1 for ':' and 1 for zero terminator. */ char src[HTTP_AUTH_MAX]; char dst[(4 * HTTP_AUTH_MAX)]; - if(user[0]) { + if(ulen) { snprintf(src, sizeof(src), "%s:%s", user, pass); encode_base_64(src, dst, sizeof(dst)); } else dst[0] = 0; @@ -235,8 +235,8 @@ static int tunnel_to(int sock, ip_type ip, unsigned short port, proxy_type pt, c len = snprintf((char *) buff, sizeof(buff), "CONNECT %s:%d HTTP/1.0\r\n%s%s%s\r\n", dns_name, ntohs(port), - user[0] ? "Proxy-Authorization: Basic " : dst, - dst, user[0] ? "\r\n" : dst); + ulen ? "Proxy-Authorization: Basic " : dst, + dst, ulen ? "\r\n" : dst); if(len != send(sock, buff, len, 0)) goto err; @@ -300,11 +300,11 @@ static int tunnel_to(int sock, ip_type ip, unsigned short port, proxy_type pt, c } break; case SOCKS5_TYPE:{ - int n_methods = user ? 2 : 1; + int n_methods = ulen ? 2 : 1; buff[0] = 5; // version buff[1] = n_methods ; // number of methods buff[2] = 0; // no auth method - if(user) buff[3] = 2; /// auth method -> username / password + if(ulen) buff[3] = 2; /// auth method -> username / password if(2+n_methods != write_n_bytes(sock, (char *) buff, 2+n_methods)) goto err; |