bugzilla-daemon at mindrot.org
2015-Jun-25 12:15 UTC
[Bug 2417] New: SOCKS5 should respond with appropriate error reply in error situations
https://bugzilla.mindrot.org/show_bug.cgi?id=2417 Bug ID: 2417 Summary: SOCKS5 should respond with appropriate error reply in error situations Product: Portable OpenSSH Version: 6.8p1 Hardware: All OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org Reporter: mindrot.org at outerspace.dyndns.org Created attachment 2656 --> https://bugzilla.mindrot.org/attachment.cgi?id=2656&action=edit Initial implementation proposal with a few TODOs that I don't know how to implement - report "bad address type" error if requested address type is not supported - report "ruleset block" error if requested hostname too long - report "ruleset block", "connection refused" or "generic error" if server-side connection attempt failure result is "administratively prohibited", "connect failed" or something else, respectively. -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2015-Jun-25 12:17 UTC
[Bug 2417] SOCKS5 should respond with appropriate error reply in error situations
https://bugzilla.mindrot.org/show_bug.cgi?id=2417 Jonas Berlin <mindrot.org at outerspace.dyndns.org> changed: What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugzilla.mindrot.or | |g/show_bug.cgi?id=2250 --- Comment #1 from Jonas Berlin <mindrot.org at outerspace.dyndns.org> --- This bug complements bug #2250 which handles one additional error situation -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2015-Jun-25 12:22 UTC
[Bug 2417] SOCKS5 should respond with appropriate error reply in error situations
https://bugzilla.mindrot.org/show_bug.cgi?id=2417 Jonas Berlin <mindrot.org at outerspace.dyndns.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #2656|0 |1 is obsolete| | --- Comment #2 from Jonas Berlin <mindrot.org at outerspace.dyndns.org> --- Created attachment 2657 --> https://bugzilla.mindrot.org/attachment.cgi?id=2657&action=edit Initial implementation proposal with a few TODOs that I don't know how to implement removes #define that is already added by bug #2250 and not actually needed for this bug -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2015-Jun-25 18:18 UTC
[Bug 2417] SOCKS5 should respond with appropriate error reply in error situations
https://bugzilla.mindrot.org/show_bug.cgi?id=2417 Jonas Berlin <mindrot.org at outerspace.dyndns.org> changed: What |Removed |Added ---------------------------------------------------------------------------- OS|Linux |All -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2015-Oct-30 22:18 UTC
[Bug 2417] SOCKS5 should respond with appropriate error reply in error situations
https://bugzilla.mindrot.org/show_bug.cgi?id=2417 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #2657|0 |1 is obsolete| | CC| |djm at mindrot.org Status|NEW |ASSIGNED Assignee|unassigned-bugs at mindrot.org |djm at mindrot.org --- Comment #3 from Damien Miller <djm at mindrot.org> --- Created attachment 2744 --> https://bugzilla.mindrot.org/attachment.cgi?id=2744&action=edit tidied diff I've tidied the diff up a bit, but I think we need some extra support in the channels code to allow the reply to connfailed requests to be sent in a timely manner. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2016-Jun-17 04:52 UTC
[Bug 2417] SOCKS5 should respond with appropriate error reply in error situations
https://bugzilla.mindrot.org/show_bug.cgi?id=2417 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |2250 --- Comment #4 from Damien Miller <djm at mindrot.org> --- Fixing this is required for Bug 2250 too, but I'm not going to attempt it until the channels code has been refactored a bit. Referenced Bugs: https://bugzilla.mindrot.org/show_bug.cgi?id=2250 [Bug 2250] SOCKS5 should return "NO ACCEPTABLE METHODS" instead of nothing -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
Reasonably Related Threads
- [Bug 2250] New: SOCKS5 should return "NO ACCEPTABLE METHODS" instead of nothing
- [Bug 533] PANIC: divide by zero in xt_connbytes
- openssh 2.9: socks5 support? and support for RSA SECURID (one-t ime password)?
- SOCKS5 and UDP
- Patch for Socks5 support for dynamic portforwaring?