From e4916145ef9743b0f417fbec86888f29b5622276 Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Mon, 16 Feb 2004 07:33:30 +0000
Subject: Jeff Lawson pointed out that we need to check for a '5' in the
 version field to properly work with SOCKS5 proxies. I also included some
 ascii art describing the SOCKS5 response, as RFC1928 describes. Jeff provided
 details in bug report #741841 and here:
 http://curl.haxx.se/mail/lib-2004-02/0181.html

---
 lib/url.c | 19 ++++++++++++++++++-
 1 file changed, 18 insertions(+), 1 deletion(-)

diff --git a/lib/url.c b/lib/url.c
index 2f2b165b7..188263b61 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -1581,6 +1581,23 @@ static int handleSock5Proxy(const char *proxy_name,
                             const char *proxy_password,
                             struct connectdata *conn)
 {
+  /*
+    According to the RFC1928, section "6.  Replies". This is what a SOCK5
+    replies:
+
+        +----+-----+-------+------+----------+----------+
+        |VER | REP |  RSV  | ATYP | BND.ADDR | BND.PORT |
+        +----+-----+-------+------+----------+----------+
+        | 1  |  1  | X'00' |  1   | Variable |    2     |
+        +----+-----+-------+------+----------+----------+
+
+    Where:
+
+    o  VER    protocol version: X'05'
+    o  REP    Reply field:
+    o  X'00' succeeded
+  */
+
   unsigned char socksreq[600]; /* room for large user/pw (255 max each) */
   ssize_t actualread;
   ssize_t written;
@@ -1651,7 +1668,7 @@ static int handleSock5Proxy(const char *proxy_name,
       return 1;
     }
 
-    if ((socksreq[0] != 1) || /* version */
+    if ((socksreq[0] != 5) || /* version */
         (socksreq[1] != 0)) { /* status */
       failf(conn->data, "User was rejected by the SOCKS5 server (%d %d).",
             socksreq[0], socksreq[1]);
-- 
cgit v1.2.3