EC_TTL_EXPIRED error is sent down idle connection, and treated as application-layer traffic by client #53

Closed
bschofield opened this issue Feb 1, 2022 · 0 comments

bschofield commented Feb 1, 2022

In the case where connect_socks_target() succeeds, the proxy client receives an EC_SUCCESS message and the client thread passes control to copyloop().

If both the client and remote connections are idle for too long, the call to poll() inside copyloop() returns zero, giving microsocks the opportunity to reap the inactive connection. This seems sensible. However, before closing the connection an EC_TTL_EXPIRED message is returned to the client:

send_error(fd1, EC_TTL_EXPIRED);

Because the client has already previously received EC_SUCCESS, it believes it is receiving application-layer data from the proxied target. With at least the client I was using (golang), this causes the user to receive a false \x05\x06\x00\x01\x00\x00\x00\x00\x00\x00 data sequence before the connection is closed.

From my reading of RFC1928, it isn't possible to send further control messages after an EC_SUCCESS. Am I reading that correctly, and if so should this call to send_error() be removed?

bschofield pushed a commit to bschofield/microsocks that referenced this issue Feb 1, 2022
bschofield added a commit to bschofield/microsocks that referenced this issue Feb 1, 2022
rofl0r pushed a commit that referenced this issue Feb 1, 2022
In the case where connect_socks_target() succeeds, the proxy client receives
an EC_SUCCESS message and the client thread passes control to copyloop(),
which then proxies application-layer data. If both the client and remote
connections are idle for too long, the call to poll() inside copyloop()
returns zero, giving microsocks the opportunity to reap the inactive
connection.

Before closing the idle connection an EC_TTL_EXPIRED message is returned to
the client. Since the client has already previously received EC_SUCCESS, it
believes it is receiving application-layer data from the proxied target. This
causes the user to receive a false \x05\x06\x00\x01\x00\x00\x00\x00\x00\x00
data sequence before the connection is closed.

This commit removes the call to send_error() that returns the EC_TTL_EXPIRED
message for an idle connection. An EC_TTL_EXPIRED error can still correctly be
returned in the case where the initial socket() call to the remote address
returns ETIMEDOUT.

Fixes issue #53.
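
The stream described in this issue, seen from the client side, as an added example (not microsocks code and not the reporter's Go client). The state names, `client_feed()` and `idle_reap()` are hypothetical; the reply layout and REP values follow RFC 1928, and the reply is assumed to arrive in a single read.

```c
#include <stdio.h>
#include <string.h>

enum { EC_SUCCESS = 0x00, EC_TTL_EXPIRED = 0x06 };   /* REP values from RFC 1928 */
enum phase { PH_REPLY, PH_RELAY, PH_FAILED };        /* hypothetical client states */
struct client {
    enum phase phase;
    unsigned char app[32];   /* bytes handed to the application */
    size_t app_len;
};

/* 10-byte reply: VER REP RSV ATYP(IPv4) BND.ADDR(4) BND.PORT(2), address zeroed. */
static void build_reply(unsigned char rep, unsigned char out[10]) {
    memset(out, 0, 10);
    out[0] = 0x05; out[1] = rep; out[3] = 0x01;
}

/* Feed bytes read from the proxy. Assumes the reply arrives in one read. */
static void client_feed(struct client *c, const unsigned char *p, size_t n) {
    if (c->phase == PH_REPLY) {
        if (n < 10) return;
        c->phase = (p[1] == EC_SUCCESS) ? PH_RELAY : PH_FAILED;
        p += 10; n -= 10;
    }
    /* After success there is no framing left: every byte is payload. */
    if (c->phase == PH_RELAY && n <= sizeof c->app - c->app_len) {
        memcpy(c->app + c->app_len, p, n);
        c->app_len += n;
    }
}

/* Connect succeeds, then the proxy reaps the idle connection.
   Returns how many bogus payload bytes the application sees. */
size_t idle_reap(int send_error_on_idle, unsigned char *seen) {
    struct client c = { PH_REPLY, {0}, 0 };
    unsigned char msg[10];
    build_reply(EC_SUCCESS, msg);
    client_feed(&c, msg, sizeof msg);
    if (send_error_on_idle) {            /* behaviour reported in the issue */
        build_reply(EC_TTL_EXPIRED, msg);
        client_feed(&c, msg, sizeof msg);
    }                                    /* else: proxy only closes the socket */
    memcpy(seen, c.app, c.app_len);
    return c.app_len;
}

int main(void) {
    unsigned char seen[32];
    printf("with send_error on idle: %zu payload bytes\n", idle_reap(1, seen));
    printf("without:                 %zu payload bytes\n", idle_reap(0, seen));
}
```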