diff options
author | rofl0r <retnyg@gmx.net> | 2018-05-29 20:59:25 +0300 |
---|---|---|
committer | rofl0r <retnyg@gmx.net> | 2018-05-29 20:59:30 +0300 |
commit | 49d8ac933894a3eddaea387cfc62d70661fb7cf4 (patch) | |
tree | d21638041ed380b520adf4d52848c915106cb227 | |
parent | bb30d867fef3f69ec0c84414c09039e1f89b34fd (diff) |
accept proper RFC1929 auth subnegotiation version field
this was wrongly fixed in 06c20ed394a65cc9e959a30ea74b8b256f76c1fa
instead of reverting we now accept the correct version
(version field containing 1) plus the incorrect version (5) given by some
proxyservers in the wild. curl accepts both forms too.
closing #224
addressing #221
-rw-r--r-- | src/core.c | 15 |
1 files changed, 9 insertions, 6 deletions
@@ -350,12 +350,15 @@ static int tunnel_to(int sock, ip_type ip, unsigned short port, proxy_type pt, c if(2 != read_n_bytes(sock, in, 2)) goto err; - if(in[0] != 5 || in[1] != 0) { - if(in[0] != 5) - goto err; - else - return BLOCKED; - } + /* according to RFC 1929 the version field for the user/pass auth sub- + negotiation should be 1, which is kinda counter-intuitive, so there + are some socks5 proxies that return 5 instead. other programs like + curl work fine when the version is 5, so let's do the same and accept + either of them. */ + if(!(in[0] == 5 || in[0] == 1)) + goto err; + if(in[1] != 0) + return BLOCKED; } int buff_iter = 0; buff[buff_iter++] = 5; // version |