X-Git-Url: https://www.tinc-vpn.org/git/browse?p=tinc;a=blobdiff_plain;f=src%2Fprotocol_auth.c;h=0ef546822146d5f8b2b5b329e7277fa8fecb2b68;hp=e5c4c1663d70ad5baff2d845de82e3b773da4d4f;hb=3bd810ea79d6933839ddac4a2cf1445c51947d38;hpb=b58d95eb29662bce4388f95dbc5762b9e2999806

diff --git a/src/protocol_auth.c b/src/protocol_auth.c
index e5c4c166..0ef54682 100644
--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -67,10 +67,58 @@ static bool send_proxyrequest(connection_t *c) {
 			c->tcplen = 8;
 			return send_meta(c, s4req, sizeof s4req);
 		}
+		case PROXY_SOCKS5: {
+			int len = 3 + 6 + (c->address.sa.sa_family == AF_INET ? 4 : 16);
+			c->tcplen = 2;
+			if(proxypass)
+				len += 3 + strlen(proxyuser) + strlen(proxypass);
+			char s5req[len];
+			int i = 0;
+			s5req[i++] = 5;
+			s5req[i++] = 1;
+			if(proxypass) {
+				s5req[i++] = 2;
+				s5req[i++] = 1;
+				s5req[i++] = strlen(proxyuser);
+				strcpy(s5req + i, proxyuser);
+				i += strlen(proxyuser);
+				s5req[i++] = strlen(proxypass);
+				strcpy(s5req + i, proxypass);
+				i += strlen(proxypass);
+				c->tcplen += 2;
+			} else {
+				s5req[i++] = 0;
+			}
+			s5req[i++] = 5;
+			s5req[i++] = 1;
+			s5req[i++] = 0;
+			if(c->address.sa.sa_family == AF_INET) {
+				s5req[i++] = 1;
+				memcpy(s5req + i, &c->address.in.sin_addr, 4);
+				i += 4;
+				memcpy(s5req + i, &c->address.in.sin_port, 2);
+				i += 2;
+				c->tcplen += 10;
+			} else if(c->address.sa.sa_family == AF_INET6) {
+				s5req[i++] = 3;
+				memcpy(s5req + i, &c->address.in6.sin6_addr, 16);
+				i += 16;
+				memcpy(s5req + i, &c->address.in6.sin6_port, 2);
+				i += 2;
+				c->tcplen += 22;
+			} else {
+				logger(LOG_ERR, "Address family %hx not supported for SOCKS 5 proxies!", c->address.sa.sa_family);
+				return false;
+			}
+			if(i > len)
+				abort();
+			return send_meta(c, s5req, sizeof s5req);
+		}
 		case PROXY_SOCKS4A:
-		case PROXY_SOCKS5:
 			logger(LOG_ERR, "Proxy type not implemented yet");
 			return false;
+		case PROXY_EXEC:
+			return true;
 		default:
 			logger(LOG_ERR, "Unknown proxy type");
 			return false;
@@ -196,8 +244,8 @@ bool send_metakey(connection_t *c) {
 	 */
 
 	if(RSA_public_encrypt(len, (unsigned char *)c->outkey, (unsigned char *)buffer, c->rsa_key, RSA_NO_PADDING) != len) {
-		logger(LOG_ERR, "Error during encryption of meta key for %s (%s)",
-			   c->name, c->hostname);
+		logger(LOG_ERR, "Error during encryption of meta key for %s (%s): %s",
+			   c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
 		return false;
 	}
 
@@ -265,8 +313,8 @@ bool metakey_h(connection_t *c) {
 	/* Decrypt the meta key */
 
 	if(RSA_private_decrypt(len, (unsigned char *)buffer, (unsigned char *)c->inkey, myself->connection->rsa_key, RSA_NO_PADDING) != len) {	/* See challenge() */
-		logger(LOG_ERR, "Error during decryption of meta key for %s (%s)",
-			   c->name, c->hostname);
+		logger(LOG_ERR, "Error during decryption of meta key for %s (%s): %s",
+			   c->name, c->hostname, ERR_error_string(ERR_get_error(), NULL));
 		return false;
 	}