From e4916145ef9743b0f417fbec86888f29b5622276 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Mon, 16 Feb 2004 07:33:30 +0000 Subject: Jeff Lawson pointed out that we need to check for a '5' in the version field to properly work with SOCKS5 proxies. I also included some ascii art describing the SOCKS5 response, as RFC1928 describes. Jeff provided details in bug report #741841 and here: http://curl.haxx.se/mail/lib-2004-02/0181.html --- lib/url.c | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/lib/url.c b/lib/url.c index 2f2b165b7..188263b61 100644 --- a/lib/url.c +++ b/lib/url.c @@ -1581,6 +1581,23 @@ static int handleSock5Proxy(const char *proxy_name, const char *proxy_password, struct connectdata *conn) { + /* + According to the RFC1928, section "6. Replies". This is what a SOCK5 + replies: + + +----+-----+-------+------+----------+----------+ + |VER | REP | RSV | ATYP | BND.ADDR | BND.PORT | + +----+-----+-------+------+----------+----------+ + | 1 | 1 | X'00' | 1 | Variable | 2 | + +----+-----+-------+------+----------+----------+ + + Where: + + o VER protocol version: X'05' + o REP Reply field: + o X'00' succeeded + */ + unsigned char socksreq[600]; /* room for large user/pw (255 max each) */ ssize_t actualread; ssize_t written; @@ -1651,7 +1668,7 @@ static int handleSock5Proxy(const char *proxy_name, return 1; } - if ((socksreq[0] != 1) || /* version */ + if ((socksreq[0] != 5) || /* version */ (socksreq[1] != 0)) { /* status */ failf(conn->data, "User was rejected by the SOCKS5 server (%d %d).", socksreq[0], socksreq[1]); -- cgit v1.2.3