cron2 has uploaded a new patch set (#2) to the change originally created by flichtenheld. ( http://gerrit.openvpn.net/c/openvpn/+/1469?usp=email )
The following approvals got outdated and were removed: Code-Review+2 by cron2 Change subject: socks: In establish_socks_proxy_udpassoc check result of recv_socks_reply ...................................................................... socks: In establish_socks_proxy_udpassoc check result of recv_socks_reply Not just check the return value but also that relay_addr is valid. recv_socks_reply doesn't care whether the answer is what we expected. This is probably a very unlikely edge case but it doesn't hurt to check for it here. Reported-By: Joshua Rogers <[email protected]> Found-By: ZeroPath (https://zeropath.com) Github: openvpn-private-issues#13 Change-Id: Ic1c8f24de423541bdc85e70b5a688213800d86de Signed-off-by: Frank Lichtenheld <[email protected]> Acked-by: Gert Doering <[email protected]> Gerrit URL: https://gerrit.openvpn.net/c/openvpn/+/1469 Message-Id: <[email protected]> URL: https://www.mail-archive.com/[email protected]/msg35249.html Signed-off-by: Gert Doering <[email protected]> --- M src/openvpn/socks.c 1 file changed, 6 insertions(+), 2 deletions(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/69/1469/2 diff --git a/src/openvpn/socks.c b/src/openvpn/socks.c index 078b4e1..5cb5912 100644 --- a/src/openvpn/socks.c +++ b/src/openvpn/socks.c @@ -412,8 +412,7 @@ send(ctrl_sd, "\x05\x03\x00\x01\x00\x00\x00\x00\x00\x00", 10, MSG_NOSIGNAL); if (size != 10) { - msg(D_LINK_ERRORS | M_ERRNO, - "establish_socks_proxy_passthru: TCP port write failed on send()"); + msg(D_LINK_ERRORS | M_ERRNO, "%s: TCP port write failed on send()", __func__); goto error; } } @@ -424,6 +423,11 @@ { goto error; } + if (!relay_addr->addr.in4.sin_addr.s_addr) + { + msg(D_LINK_ERRORS, "%s: Socks proxy did not answer with IPv4 address", __func__); + goto error; + } return; -- To view, visit http://gerrit.openvpn.net/c/openvpn/+/1469?usp=email To unsubscribe, or for help writing mail filters, visit http://gerrit.openvpn.net/settings?usp=email Gerrit-MessageType: newpatchset Gerrit-Project: openvpn Gerrit-Branch: master Gerrit-Change-Id: Ic1c8f24de423541bdc85e70b5a688213800d86de Gerrit-Change-Number: 1469 Gerrit-PatchSet: 2 Gerrit-Owner: flichtenheld <[email protected]> Gerrit-Reviewer: cron2 <[email protected]> Gerrit-Reviewer: plaisthos <[email protected]> Gerrit-CC: openvpn-devel <[email protected]>
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
