summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorrl1987 <rl1987@sdf.lonestar.org>2014-10-21 20:50:32 +0300
committerNick Mathewson <nickm@torproject.org>2014-11-04 00:37:24 -0500
commit51e247361824fa64f4322fb59e9d2cffd9d72cba (patch)
tree5328a16f903bca1eb8ea8d85322c531e840ddbeb
parentfc9591da727817923e1084d1a73d5dd8a52e6948 (diff)
downloadtor-51e247361824fa64f4322fb59e9d2cffd9d72cba.tar.gz
tor-51e247361824fa64f4322fb59e9d2cffd9d72cba.zip
Sending 'Not allowed' error message before closing the connection.
-rw-r--r--src/or/buffers.c4
-rw-r--r--src/test/test_socks.c14
2 files changed, 17 insertions, 1 deletions
diff --git a/src/or/buffers.c b/src/or/buffers.c
index 354bec64bc..691845ec10 100644
--- a/src/or/buffers.c
+++ b/src/or/buffers.c
@@ -2053,8 +2053,10 @@ parse_socks(const char *data, size_t datalen, socks_request_t *req,
string_is_valid_ipv6_address(req->address)) {
log_unsafe_socks_warning(5,req->address,req->port,safe_socks);
- if (safe_socks)
+ if (safe_socks) {
+ socks_request_set_socks5_error(req, SOCKS5_NOT_ALLOWED);
return -1;
+ }
}
if (!string_is_valid_hostname(req->address)) {
diff --git a/src/test/test_socks.c b/src/test/test_socks.c
index ba6b9a9771..a3fe07fdc5 100644
--- a/src/test/test_socks.c
+++ b/src/test/test_socks.c
@@ -238,6 +238,13 @@ test_socks_5_supported_commands(void *ptr)
ADD_DATA(buf, "\x01\x02");
tt_assert(fetch_from_buf_socks(buf,socks,get_options()->TestSocks,1)
== -1);
+
+ tt_int_op(5,==,socks->socks_version);
+ tt_int_op(10,==,socks->replylen);
+ tt_int_op(5,==,socks->reply[0]);
+ tt_int_op(SOCKS5_NOT_ALLOWED,==,socks->reply[1]);
+ tt_int_op(1,==,socks->reply[3]);
+
socks_request_clear(socks);
/* SOCKS 5 should reject RESOLVE [F0] reject for IPv6 address
@@ -249,6 +256,13 @@ test_socks_5_supported_commands(void *ptr)
ADD_DATA(buf, "\x01\x02");
tt_assert(fetch_from_buf_socks(buf,socks,get_options()->TestSocks,1)
== -1);
+
+ tt_int_op(5,==,socks->socks_version);
+ tt_int_op(10,==,socks->replylen);
+ tt_int_op(5,==,socks->reply[0]);
+ tt_int_op(SOCKS5_NOT_ALLOWED,==,socks->reply[1]);
+ tt_int_op(1,==,socks->reply[3]);
+
socks_request_clear(socks);
/* SOCKS 5 Send RESOLVE_PTR [F1] for IP address 2.2.2.5 */