summaryrefslogtreecommitdiff
path: root/src/core/proto
diff options
context:
space:
mode:
authorliberat <liberat@disroot.org>2019-11-11 15:08:36 +0000
committerliberat <liberat@disroot.org>2019-11-11 15:34:38 +0000
commit4e4c4e72d74d66181bec537fc00a8af92be0a0af (patch)
tree66bbbb6700097b9a1b9fdb6177f3b15c3783af7c /src/core/proto
parent1bde356bf645f3c3d3b0a6e70c03e2baf9f89d26 (diff)
downloadtor-4e4c4e72d74d66181bec537fc00a8af92be0a0af.tar.gz
tor-4e4c4e72d74d66181bec537fc00a8af92be0a0af.zip
Handle binary IPv6 addresses and bracketed strings in RESOLVE_PTR.
When a SOCKS5 client sends a RESOLVE_PTR request, it must include either an IPv4 or IPv6 address. In the past this was required to be a binary address (address types 1 or 4), but since the refactoring of SOCKS5 support in Tor 0.3.5.1-alpha, strings (address type 3) are also allowed if they represent an IPv4 or IPv6 literal. However, when a binary IPv6 address is provided, parse_socks5_client_request converts it into a string enclosed in brackets. This doesn't match what string_is_valid_ipv6_address expects, so this would fail with the error "socks5 received RESOLVE_PTR command with hostname type. Rejecting." By replacing string_is_valid_ipv4_address/string_is_valid_ipv6_address with tor_addr_parse, we accept strings both with and without brackets. This fixes the handling of binary addresses, and also improves symmetry with CONNECT and RESOLVE requests. Fixes bug 32315.
Diffstat (limited to 'src/core/proto')
-rw-r--r--src/core/proto/proto_socks.c6
1 files changed, 3 insertions, 3 deletions
diff --git a/src/core/proto/proto_socks.c b/src/core/proto/proto_socks.c
index 8b78ed44c2..17f1fc0e5c 100644
--- a/src/core/proto/proto_socks.c
+++ b/src/core/proto/proto_socks.c
@@ -615,6 +615,7 @@ process_socks5_client_request(socks_request_t *req,
int safe_socks)
{
socks_result_t res = SOCKS_RESULT_DONE;
+ tor_addr_t tmpaddr;
if (req->command != SOCKS_COMMAND_CONNECT &&
req->command != SOCKS_COMMAND_RESOLVE &&
@@ -625,11 +626,10 @@ process_socks5_client_request(socks_request_t *req,
}
if (req->command == SOCKS_COMMAND_RESOLVE_PTR &&
- !string_is_valid_ipv4_address(req->address) &&
- !string_is_valid_ipv6_address(req->address)) {
+ tor_addr_parse(&tmpaddr, req->address) < 0) {
socks_request_set_socks5_error(req, SOCKS5_ADDRESS_TYPE_NOT_SUPPORTED);
log_warn(LD_APP, "socks5 received RESOLVE_PTR command with "
- "hostname type. Rejecting.");
+ "a malformed address. Rejecting.");
res = SOCKS_RESULT_INVALID;
goto end;