Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix name resolution for socks4 proxy. #1214

Closed
wants to merge 1 commit into from
Closed

Fix name resolution for socks4 proxy. #1214

wants to merge 1 commit into from

Conversation

landgraf
Copy link

Previously client didn't try to resolve hostname prior to sending
request to proxy. It violates SOCKS4a specification which says
DSTIP should be set to .X if client cannot resolve the destination
host and may be problematic in some environments.
This behaviour can be overriden with --nodns option (to force client to
use socks4a extention);

Previously client didn't try to resolve hostname prior to sending
request to proxy. It violates SOCKS4a specification which says
DSTIP should be set to .X if client cannot resolve the destination
host and may be problematic in some environments.
This behaviour can be overriden with --nodns option (to force client to
use socks4a extention);

Bug-Url: https://bugzilla.redhat.com/1573148
@nnposter
Copy link

The change, if I understand it correctly, would substantially break backwards compatibility. Namely, I can currently connect like this:

ncat --proxy myproxy.org --proxy-type socks4 mytarget.org 80

which performs remote DNS lookup of mytarget.org by the proxy. With your change, I am supposed to do this instead:

ncat --nodns --proxy myproxy.org --proxy-type socks4 mytarget.org 80

which will fail, because myproxy.org is not an IP address. So I would be forced to perform the proxy lookup myself prior to invoking ncat.

I believe that a better approach could be to decouple hostname resolution of proxy destinations from all the other resolutions, which need to be inherently done locally.

Could you please take a look at #1439 and let me know if it would meet your needs?

@nnposter nnposter self-assigned this Jan 22, 2019
@nnposter
Copy link

Ability to control DNS resolution implemented in r37586. Thank you for raising up the issue.

@nmap-bot nmap-bot closed this in dbed133 Feb 24, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants