From 1532cff2ce6239df4a2320994bb791d2715e430f Mon Sep 17 00:00:00 2001
From: David Goulet <dgoulet@ev0ke.net>
Date: Fri, 21 Feb 2014 10:14:33 +0000
Subject: [PATCH 1/2] Fix: send back correct IPv6 SOCKS5 connect reply

For a client using a SocksPort connection and IPv6, the connect reply
from tor daemon did not handle AF_INET6 thus sending back the wrong
payload to the client.

A changes file is provided and this fixes #10987

Signed-off-by: David Goulet <dgoulet@ev0ke.net>
---
 changes/bug10987         |  5 +++++
 src/or/connection_edge.c | 25 ++++++++++++++++++-------
 2 files changed, 23 insertions(+), 7 deletions(-)
 create mode 100644 changes/bug10987

diff --git a/changes/bug10987 b/changes/bug10987
new file mode 100644
index 0000000000..108eea9a4d
--- /dev/null
+++ b/changes/bug10987
@@ -0,0 +1,5 @@
+	o Minor bugfixes	
+	  - Fix IPv6 support when using the SocksPort with SOCKS5. Fixes bug10987.
+		Using IPv6 through a SOCKS5 using the SocksPort option will now work
+		with this fix. This part of the code has never been updated to support
+		IPv6 thus this does not fix a previously introduced regression.
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index 3a72110eac..bb24134aef 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -2273,13 +2273,24 @@ connection_ap_handshake_socks_reply(entry_connection_t *conn, char *reply,
     /* leave version, destport, destip zero */
     connection_write_to_buf(buf, SOCKS4_NETWORK_LEN, ENTRY_TO_CONN(conn));
   } else if (conn->socks_request->socks_version == 5) {
-    buf[0] = 5; /* version 5 */
-    buf[1] = (char)status;
-    buf[2] = 0;
-    buf[3] = 1; /* ipv4 addr */
-    memset(buf+4,0,6); /* Set external addr/port to 0.
-                          The spec doesn't seem to say what to do here. -RD */
-    connection_write_to_buf(buf,10,ENTRY_TO_CONN(conn));
+    size_t buf_len;
+    memset(buf,0,sizeof(buf));
+    if (tor_addr_family(&conn->edge_.base_.addr) == AF_INET) {
+      buf[0] = 5; /* version 5 */
+      buf[1] = (char)status;
+      buf[2] = 0;
+      buf[3] = 1; /* ipv4 addr */
+      /* 4 bytes for the header, 2 bytes for the port and 4 for the address. */
+      buf_len = 10;
+    } else { /* AF_INET6. */
+      buf[0] = 5; /* version 5 */
+      buf[1] = (char)status;
+      buf[2] = 0;
+      buf[3] = 4; /* ipv6 addr */
+      /* 4 bytes for the header, 2 bytes for the port and 16 for the address. */
+      buf_len = 22;
+    }
+    connection_write_to_buf(buf,buf_len,ENTRY_TO_CONN(conn));
   }
   /* If socks_version isn't 4 or 5, don't send anything.
    * This can happen in the case of AP bridges. */

From f3e827165294d34dbd58dbb372525b259f1acb72 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Fri, 21 Feb 2014 17:27:35 +0000
Subject: [PATCH 2/2] Style tweaks on code, changes file for 10987

---
 changes/bug10987         | 12 +++++++-----
 src/or/connection_edge.c |  5 ++---
 2 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/changes/bug10987 b/changes/bug10987
index 108eea9a4d..cc5dd8ff55 100644
--- a/changes/bug10987
+++ b/changes/bug10987
@@ -1,5 +1,7 @@
-	o Minor bugfixes	
-	  - Fix IPv6 support when using the SocksPort with SOCKS5. Fixes bug10987.
-		Using IPv6 through a SOCKS5 using the SocksPort option will now work
-		with this fix. This part of the code has never been updated to support
-		IPv6 thus this does not fix a previously introduced regression.
+  o Minor bugfixes
+
+    - Fix IPv6 support when using the SocksPort with SOCKS5. Using IPv6
+      through a SOCKS5 using the SocksPort option will now work with
+      this fix. This part of the code has never been updated to support
+      IPv6 thus this does not fix a previously introduced regression.
+      Fixes bug 10987; bugfix on 0.2.4.7-alpha.
diff --git a/src/or/connection_edge.c b/src/or/connection_edge.c
index bb24134aef..2832abbd6b 100644
--- a/src/or/connection_edge.c
+++ b/src/or/connection_edge.c
@@ -2088,7 +2088,6 @@ connection_ap_handshake_socks_resolved_addr(entry_connection_t *conn,
   }
 }
 
-
 /** Send an answer to an AP connection that has requested a DNS lookup via
  * SOCKS.  The type should be one of RESOLVED_TYPE_(IPV4|IPV6|HOSTNAME) or -1
  * for unreachable; the answer should be in the format specified in the socks
@@ -2280,14 +2279,14 @@ connection_ap_handshake_socks_reply(entry_connection_t *conn, char *reply,
       buf[1] = (char)status;
       buf[2] = 0;
       buf[3] = 1; /* ipv4 addr */
-      /* 4 bytes for the header, 2 bytes for the port and 4 for the address. */
+      /* 4 bytes for the header, 2 bytes for the port, 4 for the address. */
       buf_len = 10;
     } else { /* AF_INET6. */
       buf[0] = 5; /* version 5 */
       buf[1] = (char)status;
       buf[2] = 0;
       buf[3] = 4; /* ipv6 addr */
-      /* 4 bytes for the header, 2 bytes for the port and 16 for the address. */
+      /* 4 bytes for the header, 2 bytes for the port, 16 for the address. */
       buf_len = 22;
     }
     connection_write_to_buf(buf,buf_len,ENTRY_TO_CONN(conn));