
connection.py enforces incorrect logic on replies

Open · itamarst opened this issue 7 years ago · 1 comment

https://github.com/mike820324/socks5/blob/master/socks5/connection.py#L207 enforces response host and port matching requested CONNECT host and port.

However, the RFC states:

   In the reply to a CONNECT, BND.PORT contains the port number that the
   server assigned to connect to the target host, while BND.ADDR
   contains the associated IP address.  The supplied BND.ADDR is often
   different from the IP address that the client uses to reach the SOCKS
   server, since such servers are often multi-homed.  It is expected
   that the SOCKS server will use DST.ADDR and DST.PORT, and the
   client-side source address and port in evaluating the CONNECT
   request.

I.e. the bind host/port, which are the server-side host/port, not the destination: socket.getsockname() vs socket.getpeername(). These are always IPs too, so even if the connection was requested to a domain name, the response needs to be an IP.

itamarst avatar Mar 17 '17 15:03 itamarst

This issue affects connecting to tor, which just puts zero for both address and port: [image]. Simply removing https://github.com/mike820324/socks5/blob/master/socks5/connection.py#L73-L75 fixes the problem.

matsjoyce avatar Dec 10 '18 17:12 matsjoyce
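To make the two points in this thread concrete (BND.ADDR/BND.PORT are the proxy's own side of the outbound socket and need not match DST.ADDR/DST.PORT, and Tor legitimately returns 0.0.0.0:0), here is an added example of a RFC 1928 CONNECT reply parser that validates only the wire format and the REP code. This is example code written for this page, not the socks5 project's code; the constants, the `ConnectReply` type and the two sample replies are constructed here, and the sample bytes were not captured from any real server.

```python
import ipaddress
import struct
from dataclasses import dataclass

# Field values from RFC 1928 section 6 (our own constants, not the project's).
SOCKS_VERSION = 0x05
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04
REP_NAMES = {
    0x00: "succeeded", 0x01: "general SOCKS server failure",
    0x02: "connection not allowed by ruleset", 0x03: "network unreachable",
    0x04: "host unreachable", 0x05: "connection refused", 0x06: "TTL expired",
    0x07: "command not supported", 0x08: "address type not supported",
}


class ReplyError(ValueError):
    """Malformed reply, or a reply whose REP field reports failure."""


@dataclass(frozen=True)
class ConnectReply:
    bind_addr: str   # BND.ADDR: the proxy's own side of the outbound socket
    bind_port: int   # BND.PORT: likewise; Tor sends 0.0.0.0:0 here
    consumed: int    # how many bytes of the buffer belonged to the reply


def parse_connect_reply(buf: bytes) -> ConnectReply:
    """Parse the reply to a CONNECT without comparing BND.* to the request.

    Only the wire format and REP are checked. Bytes after the reply are tunnel
    payload, so the caller is told how much was consumed instead of trailing
    data being rejected.
    """
    if len(buf) < 4:
        raise ReplyError("reply truncated before ATYP")
    ver, rep, rsv, atyp = buf[0], buf[1], buf[2], buf[3]
    if ver != SOCKS_VERSION:
        raise ReplyError(f"unexpected version {ver:#04x}")
    if rsv != 0x00:
        raise ReplyError("RSV must be zero")
    if rep != 0x00:
        raise ReplyError(f"CONNECT failed: {REP_NAMES.get(rep, f'unknown code {rep:#04x}')}")
    pos = 4
    if atyp == ATYP_IPV4:
        raw, pos = buf[pos:pos + 4], pos + 4
        if len(raw) != 4:
            raise ReplyError("truncated IPv4 BND.ADDR")
        addr = str(ipaddress.IPv4Address(raw))
    elif atyp == ATYP_IPV6:
        raw, pos = buf[pos:pos + 16], pos + 16
        if len(raw) != 16:
            raise ReplyError("truncated IPv6 BND.ADDR")
        addr = str(ipaddress.IPv6Address(raw))
    elif atyp == ATYP_DOMAIN:
        # A bound socket normally has an IP, but the ATYP set allows a name, so accept it.
        if pos >= len(buf):
            raise ReplyError("truncated domain length")
        n = buf[pos]
        raw, pos = buf[pos + 1:pos + 1 + n], pos + 1 + n
        if len(raw) != n:
            raise ReplyError("truncated domain BND.ADDR")
        addr = raw.decode("ascii")
    else:
        raise ReplyError(f"unknown ATYP {atyp:#04x}")
    if len(buf) < pos + 2:
        raise ReplyError("truncated BND.PORT")
    (port,) = struct.unpack("!H", buf[pos:pos + 2])
    return ConnectReply(addr, port, pos + 2)


# Constructed sample replies for a request to example.com:443:
# a multi-homed proxy that connected out from 10.0.0.5:40000, and Tor's all-zero reply.
MULTIHOMED_REPLY = bytes([0x05, 0x00, 0x00, ATYP_IPV4, 10, 0, 0, 5]) + (40000).to_bytes(2, "big")
TOR_REPLY = bytes([0x05, 0x00, 0x00, ATYP_IPV4, 0, 0, 0, 0, 0, 0])

if __name__ == "__main__":
    for label, reply in [("multi-homed", MULTIHOMED_REPLY), ("tor", TOR_REPLY)]:
        # Trailing bytes stand in for the first bytes of the tunnelled stream.
        print(label, parse_connect_reply(reply + b"GET / HTTP/1.1\r\n"))
```

Both sample replies parse as successes even though neither BND.ADDR matches the requested host, which is exactly what the RFC passage quoted above allows; the only thing a client should act on is the REP code.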