mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-28 14:23:30 +01:00
socks: Send back extended error code if set
This commit defines the new extended error codes. It also flags the socks request object that it can use them. Part of #30382 Signed-off-by: David Goulet <dgoulet@torproject.org>
This commit is contained in:
parent
78a9158bf0
commit
84162c1d33
@ -1905,6 +1905,8 @@ connection_init_accepted_conn(connection_t *conn,
|
|||||||
conn->state = AP_CONN_STATE_SOCKS_WAIT;
|
conn->state = AP_CONN_STATE_SOCKS_WAIT;
|
||||||
TO_ENTRY_CONN(conn)->socks_request->socks_prefer_no_auth =
|
TO_ENTRY_CONN(conn)->socks_request->socks_prefer_no_auth =
|
||||||
listener->entry_cfg.socks_prefer_no_auth;
|
listener->entry_cfg.socks_prefer_no_auth;
|
||||||
|
TO_ENTRY_CONN(conn)->socks_request->socks_use_extended_errors =
|
||||||
|
listener->entry_cfg.extended_socks5_codes;
|
||||||
break;
|
break;
|
||||||
case CONN_TYPE_AP_TRANS_LISTENER:
|
case CONN_TYPE_AP_TRANS_LISTENER:
|
||||||
TO_ENTRY_CONN(conn)->is_transparent_ap = 1;
|
TO_ENTRY_CONN(conn)->is_transparent_ap = 1;
|
||||||
|
@ -3522,11 +3522,17 @@ connection_ap_handshake_socks_reply(entry_connection_t *conn, char *reply,
|
|||||||
size_t replylen, int endreason)
|
size_t replylen, int endreason)
|
||||||
{
|
{
|
||||||
char buf[256];
|
char buf[256];
|
||||||
socks5_reply_status_t status =
|
socks5_reply_status_t status;
|
||||||
stream_end_reason_to_socks5_response(endreason);
|
|
||||||
|
|
||||||
tor_assert(conn->socks_request); /* make sure it's an AP stream */
|
tor_assert(conn->socks_request); /* make sure it's an AP stream */
|
||||||
|
|
||||||
|
if (conn->socks_request->socks_use_extended_errors &&
|
||||||
|
conn->socks_request->socks_extended_error_code != 0) {
|
||||||
|
status = conn->socks_request->socks_extended_error_code;
|
||||||
|
} else {
|
||||||
|
status = stream_end_reason_to_socks5_response(endreason);
|
||||||
|
}
|
||||||
|
|
||||||
if (!SOCKS_COMMAND_IS_RESOLVE(conn->socks_request->command)) {
|
if (!SOCKS_COMMAND_IS_RESOLVE(conn->socks_request->command)) {
|
||||||
control_event_stream_status(conn, status==SOCKS5_SUCCEEDED ?
|
control_event_stream_status(conn, status==SOCKS5_SUCCEEDED ?
|
||||||
STREAM_EVENT_SUCCEEDED : STREAM_EVENT_FAILED,
|
STREAM_EVENT_SUCCEEDED : STREAM_EVENT_FAILED,
|
||||||
|
@ -7,6 +7,8 @@
|
|||||||
#ifndef SOCKS_REQUEST_ST_H
|
#ifndef SOCKS_REQUEST_ST_H
|
||||||
#define SOCKS_REQUEST_ST_H
|
#define SOCKS_REQUEST_ST_H
|
||||||
|
|
||||||
|
#include "lib/net/socks5_status.h"
|
||||||
|
|
||||||
#define MAX_SOCKS_REPLY_LEN 1024
|
#define MAX_SOCKS_REPLY_LEN 1024
|
||||||
|
|
||||||
#define SOCKS_NO_AUTH 0x00
|
#define SOCKS_NO_AUTH 0x00
|
||||||
@ -58,6 +60,11 @@ struct socks_request_t {
|
|||||||
* "username/password" authentication if both are offered. Used as input to
|
* "username/password" authentication if both are offered. Used as input to
|
||||||
* parse_socks. */
|
* parse_socks. */
|
||||||
unsigned int socks_prefer_no_auth : 1;
|
unsigned int socks_prefer_no_auth : 1;
|
||||||
|
/** If set, we can send back the extended error code in the reply. */
|
||||||
|
unsigned int socks_use_extended_errors : 1;
|
||||||
|
/** If non zero, this contains the extended error code that should be used
|
||||||
|
* if the port was configured to use them. */
|
||||||
|
socks5_reply_status_t socks_extended_error_code;
|
||||||
|
|
||||||
/** Number of bytes in username; 0 if username is NULL */
|
/** Number of bytes in username; 0 if username is NULL */
|
||||||
size_t usernamelen;
|
size_t usernamelen;
|
||||||
|
@ -27,6 +27,15 @@ typedef enum {
|
|||||||
SOCKS5_TTL_EXPIRED = 0x06,
|
SOCKS5_TTL_EXPIRED = 0x06,
|
||||||
SOCKS5_COMMAND_NOT_SUPPORTED = 0x07,
|
SOCKS5_COMMAND_NOT_SUPPORTED = 0x07,
|
||||||
SOCKS5_ADDRESS_TYPE_NOT_SUPPORTED = 0x08,
|
SOCKS5_ADDRESS_TYPE_NOT_SUPPORTED = 0x08,
|
||||||
|
|
||||||
|
/* Extended error code (see prop304). Only used if the SocksPort flag
|
||||||
|
* "ExtendedErrors" is set. */
|
||||||
|
SOCKS5_HS_NOT_FOUND = 0xF0,
|
||||||
|
SOCKS5_HS_IS_INVALID = 0xF1,
|
||||||
|
SOCKS5_HS_INTRO_FAILED = 0xF2,
|
||||||
|
SOCKS5_HS_REND_FAILED = 0xF3,
|
||||||
|
SOCKS5_HS_MISSING_CLIENT_AUTH = 0xF4,
|
||||||
|
SOCKS5_HS_BAD_CLIENT_AUTH = 0xF5,
|
||||||
} socks5_reply_status_t;
|
} socks5_reply_status_t;
|
||||||
|
|
||||||
#endif /* !defined(TOR_SOCKS5_STATUS_H) */
|
#endif /* !defined(TOR_SOCKS5_STATUS_H) */
|
||||||
|
Loading…
Reference in New Issue
Block a user