Jump to content
Fr0sT.Brutal

Bug: HTTPTunnel and Socks servers can't have non-IP address

Recommended Posts

HTTP Tunnel and Socks server addresses can not have literal address (including 'localhost') because IPv6 check in `procedure TCustom*WSocket.Connect` throws 'Unsupported address format'. I suppose this check should only test for unavailable IPv6 case (i.e. address is IPv6 but OS doesn't support it).

Share this post


Link to post

Not looked closely, but in ICS setting SocketFamily to sfAny is the common way to avoid IP address checks.  

 

But there were some changes by a contributor in V8.56 to support IPv6 with proxies, so maybe something got broken.

 

Angus

 

Share this post


Link to post

 

Angus, seems it got.

    { V8.56 IPv6 support from Max Terentiev }
    if WSocketIsIP(FSocksServer, LSocketFamily) then begin // is socks proxy IP is IPv6 ?
        if (LSocketFamily = sfIPv4) or (IsIPv6APIAvailable) then
            FSocketFamily := LSocketFamily
        else
            FSocketFamily := DefaultSocketFamily;
      end
      else
         raise ESocketException.Create('Unsupported socks address format');

Current value of FSocketFamily is not considered

Share this post


Link to post

I suspect the logic here should be
 

If address is IP then
  if IP is v4 or v6 available then
    Ffamily := Lfamily
  else
    Error('IPv6 not supported')

  so that it 1) assigns proper FFamily and 2) checks for v6 availability.

Share this post


Link to post

Unfortunately the developer that added SocketFamily and IPv6 never documented it's intended external use.  I've been adding SocketFamily into more components and samples recently now I have IPv6 on all my local and hosted servers, firewall support for IPv6 is in it's infancy and stopped IPv6 working for a long time. 

 

I've been finding DNS lookups may offer an IPv6 address which then fails to connect for various reasons, so you need the ensure SocketFamily is set to sfIPv4 to the alternate IPv4 is used instead.   But that is all done automatically, so not sure that family checking is necessary for proxies, if it's done later anyway.

 

Angus

 

Share this post


Link to post

I've never dealt with IPv6 but for me the purpose of this piece а code is to 1) assign v6 family from v6 IP address so that a user doesn't have to specify the family manually and 2) if IP is v6 check that OS supports it. And I'm not sure whether 2) is necessary, maybe it would fail later anyway on address resolution.

Share this post


Link to post

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×