Hi,

On 09/09/2020 14:22, Gert Doering wrote:
> When a SOCKS5 server sends back a reply, it encodes an "address",
> which can be IPv4 (4 bytes), IPv6 (16 bytes) or "a domain name",
> which has a length (1 byte) and "a string of length <length>" - so
> when copying bytes, we need to handle "length +1" bytes.
> 
> Our code totally doesn't use this variant of addresses on reception,
> but since this has been pointed out by "tpw_rules" in Trac, fix it,
> so if/when someone works on this again, the foundation is correct.
> 
> While at it, increase buffer size used for sending to handle domain
> names longer than 122 characters (length was already checked, so a
> longer name would not overflow but just "not work").
> 
> v2: increase buf[] len in recv_socks_reply() from 22 to 270 so it
>     is large enough to actually copy a domain name
> 
> v3: increase buf[] len in establish_socks_proxy_passthru() from 128 to
>     270, to handle long domain names in queries
> 
> Reported-By: tpw_rules in Trac
> Trac: #848
> 
> Signed-off-by: Gert Doering <g...@greenie.muc.de>

After a quick discussion on IRC I am fine with this patch, assuming the
whitespace is added after the '+' operator.

Further refactoring of this code will be carried on in later patches.

Regards,

-- 
Antonio Quartulli


_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
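
The address encoding described in the quoted commit message, as an added example that is not part of this thread or of OpenVPN's code: a bounds-checked parser for a SOCKS5 reply as laid out in RFC 1928, where a domain-name address occupies its length octet plus that many bytes. The struct, function names and sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* RFC 1928 reply: VER REP RSV ATYP BND.ADDR BND.PORT(2 bytes).
 * Largest case: 4 header + 1 length octet + 255 name bytes + 2 port = 262. */
#define SOCKS5_REPLY_MAX 262

struct socks5_reply {          /* hypothetical result type */
    uint8_t  rep, atyp;
    uint8_t  addr[256];        /* 255 name bytes + NUL */
    size_t   addr_len;
    uint16_t port;
};

/* Constructed sample: success reply, ATYP=domain, "example.com", port 1080. */
const uint8_t sample_domain_reply[] = {
    0x05, 0x00, 0x00, 0x03, 0x0b,
    'e','x','a','m','p','l','e','.','c','o','m', 0x04, 0x38 };

/* Bytes occupied by BND.ADDR; 0 = need more input, -1 = unknown ATYP. */
int socks5_addr_field_len(const uint8_t *buf, size_t have)
{
    if (have < 4) return 0;
    switch (buf[3]) {
    case 0x01: return 4;                         /* IPv4 */
    case 0x04: return 16;                        /* IPv6 */
    case 0x03: return have < 5 ? 0 : buf[4] + 1; /* length octet + name */
    default:   return -1;
    }
}

/* Returns bytes consumed, 0 if the reply is incomplete, -1 if malformed. */
int socks5_parse_reply(const uint8_t *buf, size_t have, struct socks5_reply *out)
{
    int alen = socks5_addr_field_len(buf, have);
    if (alen <= 0) return alen;
    if (buf[0] != 0x05) return -1;
    size_t total = 4 + (size_t)alen + 2;
    if (have < total) return 0;
    size_t skip = (buf[3] == 0x03) ? 1 : 0;      /* step over the length octet */
    memset(out, 0, sizeof(*out));
    out->rep = buf[1];
    out->atyp = buf[3];
    out->addr_len = (size_t)alen - skip;         /* at most 255, fits addr[] */
    memcpy(out->addr, buf + 4 + skip, out->addr_len);
    out->port = (uint16_t)((buf[total - 2] << 8) | buf[total - 1]);
    return (int)total;
}
```

A receive buffer of at least `SOCKS5_REPLY_MAX` bytes holds any well-formed reply; the 270-byte buffers mentioned in the commit message are above that bound.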