===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/nc/socks.c,v
retrieving revision 1.21
retrieving revision 1.22
diff -c -r1.21 -r1.22
*** src/usr.bin/nc/socks.c	2015/03/26 21:19:51	1.21
--- src/usr.bin/nc/socks.c	2015/12/10 16:49:28	1.22
***************
*** 1,4 ****
! /*	$OpenBSD: socks.c,v 1.21 2015/03/26 21:19:51 tobias Exp $	*/
  
  /*
   * Copyright (c) 1999 Niklas Hallqvist.  All rights reserved.
--- 1,4 ----
! /*	$OpenBSD: socks.c,v 1.22 2015/12/10 16:49:28 mmcc Exp $	*/
  
  /*
   * Copyright (c) 1999 Niklas Hallqvist.  All rights reserved.
***************
*** 122,127 ****
--- 122,179 ----
  	return (pw);
  }
  
+ /*
+  * Error strings adapted from the generally accepted SOCKSv4 spec:
+  *
+  * http://ftp.icm.edu.pl/packages/socks/socks4/SOCKS4.protocol
+  */
+ static const char *
+ socks4_strerror(int e)
+ {
+ 	switch (e) {
+ 	case 90:
+ 		return "Succeeded";
+ 	case 91:
+ 		return "Request rejected or failed";
+ 	case 92:
+ 		return "SOCKS server cannot connect to identd on the client";
+ 	case 93:
+ 		return "Client program and identd report different user-ids";
+ 	default:
+ 		return "Unknown error";
+ 	}
+ }
+ 
+ /*
+  * Error strings taken almost directly from RFC 1928.
+  */
+ static const char *
+ socks5_strerror(int e)
+ {
+ 	switch (e) {
+ 	case 0:
+ 		return "Succeeded";
+ 	case 1:
+ 		return "General SOCKS server failure";
+ 	case 2:
+ 		return "Connection not allowed by ruleset";
+ 	case 3:
+ 		return "Network unreachable";
+ 	case 4:
+ 		return "Host unreachable";
+ 	case 5:
+ 		return "Connection refused";
+ 	case 6:
+ 		return "TTL expired";
+ 	case 7:
+ 		return "Command not supported";
+ 	case 8:
+ 		return "Address type not supported";
+ 	default:
+ 		return "Unknown error";
+ 	}
+ }
+ 
  int
  socks_connect(const char *host, const char *port,
      struct addrinfo hints __attribute__ ((__unused__)),
***************
*** 225,232 ****
  		cnt = atomicio(read, proxyfd, buf, 4);
  		if (cnt != 4)
  			err(1, "read failed (%zu/4)", cnt);
! 		if (buf[1] != 0)
! 			errx(1, "connection failed, SOCKS error %d", buf[1]);
  		switch (buf[3]) {
  		case SOCKS_IPV4:
  			cnt = atomicio(read, proxyfd, buf + 4, 6);
--- 277,286 ----
  		cnt = atomicio(read, proxyfd, buf, 4);
  		if (cnt != 4)
  			err(1, "read failed (%zu/4)", cnt);
! 		if (buf[1] != 0) {
! 			errx(1, "connection failed, SOCKS error: %s",
! 			    socks5_strerror(buf[1]));
! 		}
  		switch (buf[3]) {
  		case SOCKS_IPV4:
  			cnt = atomicio(read, proxyfd, buf + 4, 6);
***************
*** 261,268 ****
  		cnt = atomicio(read, proxyfd, buf, 8);
  		if (cnt != 8)
  			err(1, "read failed (%zu/8)", cnt);
! 		if (buf[1] != 90)
! 			errx(1, "connection failed, SOCKS error %d", buf[1]);
  	} else if (socksv == -1) {
  		/* HTTP proxy CONNECT */
  
--- 315,324 ----
  		cnt = atomicio(read, proxyfd, buf, 8);
  		if (cnt != 8)
  			err(1, "read failed (%zu/8)", cnt);
! 		if (buf[1] != 90) {
! 			errx(1, "connection failed, SOCKS error: %s",
! 			    socks4_strerror(buf[1]));
! 		}
  	} else if (socksv == -1) {
  		/* HTTP proxy CONNECT */