Hi, On Mon, Mar 20, 2023 at 02:07:14PM -0400, Selva Nair wrote: > > Thanks, this change makes sense. I have not actively tried to provoke > > it (like, by connecting to a "fake SOCKS server" that will trigger it), > > but the change is obviously an improvement to "if it's not ==1, it > > must be a TCP error!"). > > An easy way to "provoke" this is to use openssh proxy (say, -D 1080) and > use it to proxy to a udp server. SSH will close the connection as it does > not > support udp association. Probably it should return one of the socks5 error > code instead, but doesn't. Even if it did, our recv_socks_reply() is not > capable of > handling such errors.
Ah, this is helpful. I did use "socks -D" for the very first t_client.sh
"test with SOCKS", but I found this cumbersome for regular use (need to
ensure the session is up, etc.) I went for "dante" instead - v4, v6,
UDP, TCP. And a config language worse than OpenVPN... *cough*.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
