unsafe stripping of port from hostname in http.c (incompatibility SNI sniffing with IPv6) #1945
Comments
|
Please open a pull request instead. |
|
@dlundquist has fixed it: |
madeye
added a commit
that referenced
this issue
Feb 27, 2018
leesah
pushed a commit
to leesah/shadowsocks-libev
that referenced
this issue
Mar 14, 2018
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
What version of shadowsocks-libev are you using?
Latest
What operating system are you using?
Linux
What did you do?
I've send the following request to [2001:470:1:18::119]:
GET /ip/?callback=?&testdomain=test-ipv6.com&testname=test_ipv6 HTTP/1.1\r\nHost: [2001:470:1:18::119]\r\n\r\nwith
atyp=4(IPv6)What did you expect to see?
INFO connect to [2001:470:1:18::119]:80
What did you see instead?
Pure IPv6 address truncated:
INFO connect to [2001:470:1:18::80
What is your config in detail (with all sensitive info masked)?
No matter. Problem in SNI sniffing (
parse_http_header()func in http.c).IPv6 address without port has been truncated by the last colon.
I've described it and proposed a patch here
The text was updated successfully, but these errors were encountered: