When Ncat is acting as a proxy client, the remote proxy server is specified as --proxy <addr>[:<port>]. In case of literal IPv6 the option syntax has two quirks:
The port part becomes mandatory
The result can be confusing, such as --proxy 2001:db8::123:456
I am proposing to adopt the well-established square-bracket notation, making the example above much more clear (--proxy [2001:db8::123]:456) and also providing support for default port numbers.
The controversial part is that this change breaks backward command-line compatibility. The original example would be now interpreted as the default port at address 2001:db8::123:456, instead of port 456 at address 2001:db8::123.
--- a/ncat/ncat_main.c+++ b/ncat/ncat_main.c@@ -164,12 +164,21 @@
static size_t parseproxy(char *str, struct sockaddr_storage *ss,
size_t *sslen, unsigned short *portno)
{
- char *p = strrchr(str, ':');+ char *p = str;
char *q;
long pno;
int rc;
- if (p != NULL) {+ if (*p == '[') {+ p = strchr(p, ']');+ if (p == NULL)+ bye("Invalid proxy IPv6 address \"%s\".", str);+ ++str;+ *p++ = '\0';+ }++ p = strchr(p, ':');+ if (p != NULL && strchr(p + 1, ':') == NULL) {
*p++ = '\0';
pno = strtol(p, &q, 10);
if (pno < 1 || pno > 0xFFFF || *q)
--- a/ncat/docs/ncat.xml+++ b/ncat/docs/ncat.xml@@ -429,8 +429,10 @@
using the protocol specified by <option>--proxy-type</option>.</para>
<para>If no port is specified, the proxy protocol's well-known port is used (1080 for
- SOCKS and 3128 for HTTP). However, when specifying an IPv6 HTTP proxy server using- the IP address rather than the hostname, the port number MUST be specified as well.+ SOCKS and 3128 for HTTP). When specifying an IPv6 HTTP proxy server+ using the IP address rather than the hostname, the square-bracket+ notation (for example [2001:db8::1]:8080) MUST be used to separate+ the port from the IPv6 address.
If the proxy requires authentication, use <option>--proxy-auth</option>.</para>
</listitem>
</varlistentry>
The text was updated successfully, but these errors were encountered:
When Ncat is acting as a proxy client, the remote proxy server is specified as
--proxy <addr>[:<port>]
. In case of literal IPv6 the option syntax has two quirks:--proxy 2001:db8::123:456
I am proposing to adopt the well-established square-bracket notation, making the example above much more clear (
--proxy [2001:db8::123]:456
) and also providing support for default port numbers.The controversial part is that this change breaks backward command-line compatibility. The original example would be now interpreted as the default port at address
2001:db8::123:456
, instead of port456
at address2001:db8::123
.The text was updated successfully, but these errors were encountered: