disable socks 4 when auth is required.

2018-02-23 13:55:56 +01:00 · 2018-02-23 13:55:56 +01:00 · 768e30c37b
parent 16c6a5f078
commit 768e30c37b
1 changed files with 5 additions and 0 deletions
--- a/proxy/socks/protocol.go
+++ b/proxy/socks/protocol.go
@ -49,6 +49,11 @@ func (s *ServerSession) Handshake(reader io.Reader, writer io.Writer) (*protocol

 	version := buffer.Byte(0)
 	if version == socks4Version {
+		if s.config.AuthType == AuthType_PASSWORD {
+			writeSocks4Response(writer, socks4RequestRejected, net.AnyIP, net.Port(0))
+			return nil, newError("socks 4 is not allowed when auth is required.")
+		}
+
 		if err := buffer.AppendSupplier(buf.ReadFullFrom(reader, 6)); err != nil {
 			return nil, newError("insufficient header").Base(err)
 		}