summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2020-06-08 14:05:22 +0200
committerDaniel Stenberg <daniel@haxx.se>2020-06-08 23:19:36 +0200
commit2a41e236716da4c41ebc1132bd36d9273bd0321f (patch)
tree5a11722ac44a0911745b6c8b4f8b371fc222de4e /lib
parent0a35580e210df6a0548c114665f201ecd759eadd (diff)
downloadcurl-2a41e236716da4c41ebc1132bd36d9273bd0321f.tar.gz
socks: detect connection close during handshake
The SOCKS4/5 state machines weren't properly terminated when the proxy connection got closed, leading to a busy-loop. Reported-By: zloi-user on github Fixes #5532 Closes #5542
Diffstat (limited to 'lib')
-rw-r--r--lib/socks.c32
1 files changed, 28 insertions, 4 deletions
diff --git a/lib/socks.c b/lib/socks.c
index 4c1af7b9d..b2215fef3 100644
--- a/lib/socks.c
+++ b/lib/socks.c
@@ -382,6 +382,11 @@ CURLcode Curl_SOCKS4(const char *proxy_user,
curl_easy_strerror(result));
return CURLE_COULDNT_CONNECT;
}
+ else if(!result && !actualread) {
+ /* connection closed */
+ failf(data, "connection to proxy closed");
+ return CURLE_COULDNT_CONNECT;
+ }
else if(actualread != sx->outstanding) {
/* remain in reading state */
sx->outstanding -= actualread;
@@ -592,6 +597,11 @@ CURLcode Curl_SOCKS5(const char *proxy_user,
failf(data, "Unable to receive initial SOCKS5 response.");
return CURLE_COULDNT_CONNECT;
}
+ else if(!result && !actualread) {
+ /* connection closed */
+ failf(data, "Connection to proxy closed");
+ return CURLE_COULDNT_CONNECT;
+ }
else if(actualread != sx->outstanding) {
/* remain in reading state */
sx->outstanding -= actualread;
@@ -717,15 +727,19 @@ CURLcode Curl_SOCKS5(const char *proxy_user,
failf(data, "Unable to receive SOCKS5 sub-negotiation response.");
return CURLE_COULDNT_CONNECT;
}
- if(actualread != sx->outstanding) {
+ else if(!result && !actualread) {
+ /* connection closed */
+ failf(data, "connection to proxy closed");
+ return CURLE_COULDNT_CONNECT;
+ }
+ else if(actualread != sx->outstanding) {
/* remain in state */
sx->outstanding -= actualread;
sx->outp += actualread;
return CURLE_OK;
}
-
/* ignore the first (VER) byte */
- if(socksreq[1] != 0) { /* status */
+ else if(socksreq[1] != 0) { /* status */
failf(data, "User was rejected by the SOCKS5 server (%d %d).",
socksreq[0], socksreq[1]);
return CURLE_COULDNT_CONNECT;
@@ -890,6 +904,11 @@ CURLcode Curl_SOCKS5(const char *proxy_user,
failf(data, "Failed to receive SOCKS5 connect request ack.");
return CURLE_COULDNT_CONNECT;
}
+ else if(!result && !actualread) {
+ /* connection closed */
+ failf(data, "connection to proxy closed");
+ return CURLE_COULDNT_CONNECT;
+ }
else if(actualread != sx->outstanding) {
/* remain in state */
sx->outstanding -= actualread;
@@ -967,7 +986,12 @@ CURLcode Curl_SOCKS5(const char *proxy_user,
failf(data, "Failed to receive SOCKS5 connect request ack.");
return CURLE_COULDNT_CONNECT;
}
- if(actualread != sx->outstanding) {
+ else if(!result && !actualread) {
+ /* connection closed */
+ failf(data, "connection to proxy closed");
+ return CURLE_COULDNT_CONNECT;
+ }
+ else if(actualread != sx->outstanding) {
/* remain in state */
sx->outstanding -= actualread;
sx->outp += actualread;