Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix name resolution for socks4 proxy. #1214

Closed
wants to merge 1 commit into from

Conversation

@landgraf
Copy link

commented May 11, 2018

Previously client didn't try to resolve hostname prior to sending
request to proxy. It violates SOCKS4a specification which says
DSTIP should be set to .X if client cannot resolve the destination
host and may be problematic in some environments.
This behaviour can be overriden with --nodns option (to force client to
use socks4a extention);

Fix name resolution for socks4 proxy.
Previously client didn't try to resolve hostname prior to sending
request to proxy. It violates SOCKS4a specification which says
DSTIP should be set to .X if client cannot resolve the destination
host and may be problematic in some environments.
This behaviour can be overriden with --nodns option (to force client to
use socks4a extention);

Bug-Url: https://bugzilla.redhat.com/1573148
@nnposter

This comment has been minimized.

Copy link

commented Jan 22, 2019

The change, if I understand it correctly, would substantially break backwards compatibility. Namely, I can currently connect like this:

ncat --proxy myproxy.org --proxy-type socks4 mytarget.org 80

which performs remote DNS lookup of mytarget.org by the proxy. With your change, I am supposed to do this instead:

ncat --nodns --proxy myproxy.org --proxy-type socks4 mytarget.org 80

which will fail, because myproxy.org is not an IP address. So I would be forced to perform the proxy lookup myself prior to invoking ncat.

I believe that a better approach could be to decouple hostname resolution of proxy destinations from all the other resolutions, which need to be inherently done locally.

Could you please take a look at #1439 and let me know if it would meet your needs?

@nnposter nnposter self-assigned this Jan 22, 2019

@nnposter

This comment has been minimized.

Copy link

commented Feb 23, 2019

Ability to control DNS resolution implemented in r37586. Thank you for raising up the issue.

@nmap-bot nmap-bot closed this in dbed133 Feb 24, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.