From ee42fe8fbb85504ceef9335e2854c35e6163a8c3 Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Wed, 29 Jun 2011 17:29:33 -0400
Subject: Don't drain extra data when parsing socks auth methods

We added this back in 0649fa14 in 2006, to deal with the case where
the client unconditionally sent us authentication data.  Hopefully,
that's not needed any longer, since we now can actually parse
authentication data.
---
 src/or/buffers.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'src/or')

diff --git a/src/or/buffers.c b/src/or/buffers.c
index 0e2dbbeb04..44a492addc 100644
--- a/src/or/buffers.c
+++ b/src/or/buffers.c
@@ -1736,9 +1736,9 @@ parse_socks(const char *data, size_t datalen, socks_request_t *req,
           req->reply[1] = '\xFF'; /* reject all methods */
           r=-1;
         }
-        /* remove packet from buf. also remove any other extraneous
-         * bytes, to support broken socks clients. */
-        *drain_out = -1;
+        /* Remove packet from buf. Some SOCKS clients will have sent extra
+         * junk at this point; let's hope it's an authentication message. */
+        *drain_out = 2u + nummethods;
 
         return r;
       }
-- 
cgit v1.2.3-54-g00ecf