diff options
| author | Nick Mathewson <nickm@torproject.org> | 2013-04-11 01:39:26 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2013-04-11 01:39:55 -0400 |
| commit | 7f50af116f2497a73fe9113e814a5765047cf3ca (patch) | |
| tree | 8b31ff3c061a6978afb5438e52dc4b74124cf1c8 /src/or/buffers.c | |
| parent | 6acf0ac2851fb95953edea9c231d82f487f28c3d (diff) | |
| parent | fa3c23773944788125db2f67bcb048376c17fec9 (diff) | |
| download | tor-7f50af116f2497a73fe9113e814a5765047cf3ca.tar.gz tor-7f50af116f2497a73fe9113e814a5765047cf3ca.zip | |
Merge remote-tracking branch 'public/bug8117_023' into maint-0.2.4
Conflicts:
doc/tor.1.txt
src/or/config.c
src/or/connection.c
Diffstat (limited to 'src/or/buffers.c')
| -rw-r--r-- | src/or/buffers.c | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/src/or/buffers.c b/src/or/buffers.c index b54584fb4a..47fa31dc07 100644 --- a/src/or/buffers.c +++ b/src/or/buffers.c @@ -1781,6 +1781,7 @@ parse_socks(const char *data, size_t datalen, socks_request_t *req, if (req->socks_version != 5) { /* we need to negotiate a method */ unsigned char nummethods = (unsigned char)*(data+1); + int have_user_pass, have_no_auth; int r=0; tor_assert(!req->socks_version); if (datalen < 2u+nummethods) { @@ -1791,19 +1792,21 @@ parse_socks(const char *data, size_t datalen, socks_request_t *req, return -1; req->replylen = 2; /* 2 bytes of response */ req->reply[0] = 5; /* socks5 reply */ - if (memchr(data+2, SOCKS_NO_AUTH, nummethods)) { - req->reply[1] = SOCKS_NO_AUTH; /* tell client to use "none" auth - method */ - req->socks_version = 5; /* remember we've already negotiated auth */ - log_debug(LD_APP,"socks5: accepted method 0 (no authentication)"); - r=0; - } else if (memchr(data+2, SOCKS_USER_PASS, nummethods)) { + have_user_pass = (memchr(data+2, SOCKS_USER_PASS, nummethods) !=NULL); + have_no_auth = (memchr(data+2, SOCKS_NO_AUTH, nummethods) !=NULL); + if (have_user_pass && !(have_no_auth && req->socks_prefer_no_auth)) { req->auth_type = SOCKS_USER_PASS; req->reply[1] = SOCKS_USER_PASS; /* tell client to use "user/pass" auth method */ req->socks_version = 5; /* remember we've already negotiated auth */ log_debug(LD_APP,"socks5: accepted method 2 (username/password)"); r=0; + } else if (have_no_auth) { + req->reply[1] = SOCKS_NO_AUTH; /* tell client to use "none" auth + method */ + req->socks_version = 5; /* remember we've already negotiated auth */ + log_debug(LD_APP,"socks5: accepted method 0 (no authentication)"); + r=0; } else { log_warn(LD_APP, "socks5: offered methods don't include 'no auth' or " |