From 768e30c37b8c997584cc822d8b6c9c963cfc73e1 Mon Sep 17 00:00:00 2001
From: Darien Raymond <admin@v2ray.com>
Date: Fri, 23 Feb 2018 13:55:56 +0100
Subject: [PATCH] disable socks 4 when auth is required.

---
 proxy/socks/protocol.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/proxy/socks/protocol.go b/proxy/socks/protocol.go
index 35689136..8ad4235c 100644
--- a/proxy/socks/protocol.go
+++ b/proxy/socks/protocol.go
@@ -49,6 +49,11 @@ func (s *ServerSession) Handshake(reader io.Reader, writer io.Writer) (*protocol
 
 	version := buffer.Byte(0)
 	if version == socks4Version {
+		if s.config.AuthType == AuthType_PASSWORD {
+			writeSocks4Response(writer, socks4RequestRejected, net.AnyIP, net.Port(0))
+			return nil, newError("socks 4 is not allowed when auth is required.")
+		}
+
 		if err := buffer.AppendSupplier(buf.ReadFullFrom(reader, 6)); err != nil {
 			return nil, newError("insufficient header").Base(err)
 		}