SOCKS5 stopped to work after upgrade from 0.6.2 to 0.6.3.2 #1134

New Issue

2018-02-15T14:47:56+01:00

Zenitur commented

2018-02-15 14:47:56 +01:00

(Migrated from github.com)

Exception in thread ReceiveQueue_2:
Traceback (most recent call last):
  File "/usr/lib/python2.7/threading.py", line 552, in __bootstrap_inner
    self.run()
  File "/usr/local/lib/python2.7/dist-packages/pybitmessage/network/receivequeuethread.py", line 43, in run
    BMConnectionPool().getConnectionByAddr(dest).process()
  File "/usr/local/lib/python2.7/dist-packages/pybitmessage/network/advanceddispatcher.py", line 61, in process
    if not getattr(self, "state_" + str(self.state))():
  File "/usr/local/lib/python2.7/dist-packages/pybitmessage/network/socks5.py", line 42, in state_auth_1
    ret = struct.unpack('BB', self.read_buf)
error: unpack requires a string argument of length 2

Python 2.7

``` Exception in thread ReceiveQueue_2: Traceback (most recent call last): File "/usr/lib/python2.7/threading.py", line 552, in __bootstrap_inner self.run() File "/usr/local/lib/python2.7/dist-packages/pybitmessage/network/receivequeuethread.py", line 43, in run BMConnectionPool().getConnectionByAddr(dest).process() File "/usr/local/lib/python2.7/dist-packages/pybitmessage/network/advanceddispatcher.py", line 61, in process if not getattr(self, "state_" + str(self.state))(): File "/usr/local/lib/python2.7/dist-packages/pybitmessage/network/socks5.py", line 42, in state_auth_1 ret = struct.unpack('BB', self.read_buf) error: unpack requires a string argument of length 2 ``` Python 2.7

PeterSurda commented

2018-02-15 15:16:50 +01:00

(Migrated from github.com)

I had to release 0.6.3 due to the vulnerability before all the details were tested. I haven't tested SOCKS5 authentication so it's possible it doesn't work. It works without authentication. I am still trying to get the binaries built so I don't have time today but if someone would like to submit a pull request, I'd be very happy to merge it.

Zenitur commented

2018-02-15 15:32:22 +01:00

(Migrated from github.com)

I think it's hard to be maintainer when 0-day issue appear in an inopportune moment. All ok.

PeterSurda commented

2018-02-15 16:12:05 +01:00

(Migrated from github.com)

If you need SOCKS authentication, you can downgrade to 0.6.1, that is not vulnerable to the exploit and the SOCKS code is working.

PeterSurda commented

2018-02-18 22:46:04 +01:00

(Migrated from github.com)

I added socks authentication to the v0.6 branch but I only have very limited ability to test it. Can you try it?

navjotcis commented

2020-09-28 14:25:29 +02:00

(Migrated from github.com)

I have tried to reproduce the issue by setting the proxy server/ tor type to SOCKS5 and did not face the above problem. Can anybody let me know, Is it working fine now?

navjotcis commented

2020-10-08 15:08:43 +02:00

(Migrated from github.com)

I have followed https://community.hetzner.com/tutorials/install-and-configure-danted-proxy-socks5
reference and install Dante-server socks5 and created username and password for authentication and
then tested the connection with curl command and Dante-server is successfully running then I
have tested it with the Qt app and set the network setting according to socks5 username and password
authentication and tested message sending and receiving and both work fine.

I have followed `https://community.hetzner.com/tutorials/install-and-configure-danted-proxy-socks5` reference and install Dante-server socks5 and created username and password for authentication and then tested the connection with curl command and Dante-server is successfully running then I have tested it with the Qt app and set the network setting according to socks5 username and password authentication and tested message sending and receiving and both work fine.

👍 1

PeterSurda commented

2020-10-08 15:28:56 +02:00

(Migrated from github.com)

Closing as the tests show no issue, current SOCKS5 code works with authentication.

This repo is archived. You cannot comment on issues.