moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-11-17 06:55:02 -05:00
Code Issues Releases Wiki Activity

socks: detect connection close during handshake

Browse Source 
The SOCKS4/5 state machines weren't properly terminated when the proxy
connection got closed, leading to a busy-loop.

Reported-By: zloi-user on github
Fixes #5532
Closes #5542
This commit is contained in:
Daniel Stenberg 2020-06-08 14:05:22 +02:00
parent 0a35580e21
commit 2a41e23671
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
1 changed files with 28 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
lib/socks.c
View File

@ -382,6 +382,11 @@ CURLcode Curl_SOCKS4(const char *proxy_user,
curl_easy_strerror(result)); curl_easy_strerror(result));
return CURLE_COULDNT_CONNECT; return CURLE_COULDNT_CONNECT;
} }
else if(!result && !actualread) {
/* connection closed */
failf(data, "connection to proxy closed");
return CURLE_COULDNT_CONNECT;
}
else if(actualread != sx->outstanding) { else if(actualread != sx->outstanding) {
/* remain in reading state */ /* remain in reading state */
sx->outstanding -= actualread; sx->outstanding -= actualread;
@ -592,6 +597,11 @@ CURLcode Curl_SOCKS5(const char *proxy_user,
failf(data, "Unable to receive initial SOCKS5 response."); failf(data, "Unable to receive initial SOCKS5 response.");
return CURLE_COULDNT_CONNECT; return CURLE_COULDNT_CONNECT;
} }
else if(!result && !actualread) {
/* connection closed */
failf(data, "Connection to proxy closed");
return CURLE_COULDNT_CONNECT;
}
else if(actualread != sx->outstanding) { else if(actualread != sx->outstanding) {
/* remain in reading state */ /* remain in reading state */
sx->outstanding -= actualread; sx->outstanding -= actualread;
@ -717,15 +727,19 @@ CURLcode Curl_SOCKS5(const char *proxy_user,
failf(data, "Unable to receive SOCKS5 sub-negotiation response."); failf(data, "Unable to receive SOCKS5 sub-negotiation response.");
return CURLE_COULDNT_CONNECT; return CURLE_COULDNT_CONNECT;
} }
if(actualread != sx->outstanding) { else if(!result && !actualread) {
/* connection closed */
failf(data, "connection to proxy closed");
return CURLE_COULDNT_CONNECT;
}
else if(actualread != sx->outstanding) {
/* remain in state */ /* remain in state */
sx->outstanding -= actualread; sx->outstanding -= actualread;
sx->outp += actualread; sx->outp += actualread;
return CURLE_OK; return CURLE_OK;
} }
/* ignore the first (VER) byte */ /* ignore the first (VER) byte */
if(socksreq[1] != 0) { /* status */ else if(socksreq[1] != 0) { /* status */
failf(data, "User was rejected by the SOCKS5 server (%d %d).", failf(data, "User was rejected by the SOCKS5 server (%d %d).",
socksreq[0], socksreq[1]); socksreq[0], socksreq[1]);
return CURLE_COULDNT_CONNECT; return CURLE_COULDNT_CONNECT;
@ -890,6 +904,11 @@ CURLcode Curl_SOCKS5(const char *proxy_user,
failf(data, "Failed to receive SOCKS5 connect request ack."); failf(data, "Failed to receive SOCKS5 connect request ack.");
return CURLE_COULDNT_CONNECT; return CURLE_COULDNT_CONNECT;
} }
else if(!result && !actualread) {
/* connection closed */
failf(data, "connection to proxy closed");
return CURLE_COULDNT_CONNECT;
}
else if(actualread != sx->outstanding) { else if(actualread != sx->outstanding) {
/* remain in state */ /* remain in state */
sx->outstanding -= actualread; sx->outstanding -= actualread;
@ -967,7 +986,12 @@ CURLcode Curl_SOCKS5(const char *proxy_user,
failf(data, "Failed to receive SOCKS5 connect request ack."); failf(data, "Failed to receive SOCKS5 connect request ack.");
return CURLE_COULDNT_CONNECT; return CURLE_COULDNT_CONNECT;
} }
if(actualread != sx->outstanding) { else if(!result && !actualread) {
/* connection closed */
failf(data, "connection to proxy closed");
return CURLE_COULDNT_CONNECT;
}
else if(actualread != sx->outstanding) {
/* remain in state */ /* remain in state */
sx->outstanding -= actualread; sx->outstanding -= actualread;
sx->outp += actualread; sx->outp += actualread;