accept proper RFC1929 auth subnegotiation version field

this was wrongly fixed in 06c20ed394 instead of reverting we now accept the correct version (version field containing 1) plus the incorrect version (5) given by some proxyservers in the wild. curl accepts both forms too. closing #224 addressing #221
2025-01-06 21:02:55 +08:00 · 2018-05-29 18:59:25 +01:00 · 2018-05-29 18:59:25 +01:00 · 49d8ac9338
commit 49d8ac9338
parent bb30d867fe
1 changed files with 9 additions and 6 deletions
--- a/src/core.c
+++ b/src/core.c
@ -350,12 +350,15 @@ static int tunnel_to(int sock, ip_type ip, unsigned short port, proxy_type pt, c

 				if(2 != read_n_bytes(sock, in, 2))
 					goto err;
-				if(in[0] != 5 || in[1] != 0) {
-					if(in[0] != 5)
-						goto err;
-					else
-						return BLOCKED;
-				}
+	/* according to RFC 1929 the version field for the user/pass auth sub-
+	   negotiation should be 1, which is kinda counter-intuitive, so there
+	   are some socks5 proxies that return 5 instead. other programs like
+	   curl work fine when the version is 5, so let's do the same and accept
+	   either of them. */
+				if(!(in[0] == 5 || in[0] == 1))
+					goto err;
+				if(in[1] != 0)
+					return BLOCKED;
 			}
 			int buff_iter = 0;
 			buff[buff_iter++] = 5;	// version