[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] backport: if you do socks4 with an IP of 0.0.0.x then we ge...



Update of /home2/or/cvsroot/tor/src/or
In directory moria.mit.edu:/home2/arma/work/onion/0091/tor/src/or

Modified Files:
      Tag: tor-0_0_9-patches
	buffers.c 
Log Message:
backport: if you do socks4 with an IP of 0.0.0.x then we get tricked
into thinking you're doing socks4a, and we look for the next byte.


Index: buffers.c
===================================================================
RCS file: /home2/or/cvsroot/tor/src/or/buffers.c,v
retrieving revision 1.122
retrieving revision 1.122.2.1
diff -u -d -r1.122 -r1.122.2.1
--- buffers.c	7 Dec 2004 21:57:10 -0000	1.122
+++ buffers.c	22 Dec 2004 09:53:52 -0000	1.122.2.1
@@ -584,6 +584,10 @@
       tor_assert(next < buf->mem+buf->datalen);
 
       startaddr = NULL;
+      if (socks4_prot == socks4a && next+1 == buf->mem+buf->datalen) {
+        log_fn(LOG_DEBUG,"socks4: No part of destaddr here yet.");
+        return 0;
+      }
       if (socks4_prot != socks4a && !have_warned_about_unsafe_socks) {
         log_fn(LOG_WARN,"Your application (using socks4 on port %d) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead.", req->port);
 //      have_warned_about_unsafe_socks = 1; // (for now, warn every time)