From 51e247361824fa64f4322fb59e9d2cffd9d72cba Mon Sep 17 00:00:00 2001 From: rl1987 Date: Tue, 21 Oct 2014 20:50:32 +0300 Subject: [PATCH] Sending 'Not allowed' error message before closing the connection. --- src/or/buffers.c | 4 +++- src/test/test_socks.c | 14 ++++++++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/src/or/buffers.c b/src/or/buffers.c index 354bec64bc..691845ec10 100644 --- a/src/or/buffers.c +++ b/src/or/buffers.c @@ -2053,8 +2053,10 @@ parse_socks(const char *data, size_t datalen, socks_request_t *req, string_is_valid_ipv6_address(req->address)) { log_unsafe_socks_warning(5,req->address,req->port,safe_socks); - if (safe_socks) + if (safe_socks) { + socks_request_set_socks5_error(req, SOCKS5_NOT_ALLOWED); return -1; + } } if (!string_is_valid_hostname(req->address)) { diff --git a/src/test/test_socks.c b/src/test/test_socks.c index ba6b9a9771..a3fe07fdc5 100644 --- a/src/test/test_socks.c +++ b/src/test/test_socks.c @@ -238,6 +238,13 @@ test_socks_5_supported_commands(void *ptr) ADD_DATA(buf, "\x01\x02"); tt_assert(fetch_from_buf_socks(buf,socks,get_options()->TestSocks,1) == -1); + + tt_int_op(5,==,socks->socks_version); + tt_int_op(10,==,socks->replylen); + tt_int_op(5,==,socks->reply[0]); + tt_int_op(SOCKS5_NOT_ALLOWED,==,socks->reply[1]); + tt_int_op(1,==,socks->reply[3]); + socks_request_clear(socks); /* SOCKS 5 should reject RESOLVE [F0] reject for IPv6 address @@ -249,6 +256,13 @@ test_socks_5_supported_commands(void *ptr) ADD_DATA(buf, "\x01\x02"); tt_assert(fetch_from_buf_socks(buf,socks,get_options()->TestSocks,1) == -1); + + tt_int_op(5,==,socks->socks_version); + tt_int_op(10,==,socks->replylen); + tt_int_op(5,==,socks->reply[0]); + tt_int_op(SOCKS5_NOT_ALLOWED,==,socks->reply[1]); + tt_int_op(1,==,socks->reply[3]); + socks_request_clear(socks); /* SOCKS 5 Send RESOLVE_PTR [F1] for IP address 2.2.2.5 */