/*
meta.c -- handle the meta communication
- Copyright (C) 2000-2009 Guus Sliepen <guus@tinc-vpn.org>,
+ Copyright (C) 2000-2013 Guus Sliepen <guus@tinc-vpn.org>,
2000-2005 Ivo Timmermans
2006 Scott Lamb <slamb@slamb.org>
if(c->tcplen) {
if(c->tcplen <= c->buflen) {
- receive_tcppacket(c, c->buffer, c->tcplen);
+ if(!c->node) {
+ if(c->outgoing && proxytype == PROXY_SOCKS4 && c->allow_request == ID) {
+ if(c->buffer[0] == 0 && c->buffer[1] == 0x5a) {
+ ifdebug(CONNECTIONS) logger(LOG_DEBUG, "Proxy request granted");
+ } else {
+ logger(LOG_ERR, "Proxy request rejected");
+ return false;
+ }
+ } else if(c->outgoing && proxytype == PROXY_SOCKS5 && c->allow_request == ID) {
+ if(c->buffer[0] != 5) {
+ logger(LOG_ERR, "Invalid response from proxy server");
+ return false;
+ }
+ if(c->buffer[1] == (char)0xff) {
+ logger(LOG_ERR, "Proxy request rejected: unsuitable authentication method");
+ return false;
+ }
+ if(c->buffer[2] != 5) {
+ logger(LOG_ERR, "Invalid response from proxy server");
+ return false;
+ }
+ if(c->buffer[3] == 0) {
+ ifdebug(CONNECTIONS) logger(LOG_DEBUG, "Proxy request granted");
+ } else {
+ logger(LOG_ERR, "Proxy request rejected");
+ return false;
+ }
+ } else {
+ logger(LOG_ERR, "c->tcplen set but c->node is NULL!");
+ abort();
+ }
+ } else {
+ if(c->allow_request == ALL) {
+ receive_tcppacket(c, c->buffer, c->tcplen);
+ } else {
+ logger(LOG_ERR, "Got unauthorized TCP packet from %s (%s)", c->name, c->hostname);
+ return false;
+ }
+ }
c->buflen -= c->tcplen;
lenin -= c->tcplen - oldlen;
projects / oweals / tinc.git / blobdiff