Skip to content
GitLab

(CVE-2020-6750) Socks5 Proxy: Proxy on a SocketClient set via set_proxy_resolver ignored

Hi,

GLib Version: 2.62.0

Im seeing in my client that 5 times out of 10 the proxy set via SocketClient.set_proxy_resolver() is simply ignored without any error whatsoever, and SocketClient just connects to the destination address without proxy.

I would consider this a big privacy/security issue.

Maybe someone can try to reproduce this themself

from my application logs it looks like this

23:16:56 INFO    nbxmpp.tcp         Set Proxy: socks5://37.120.155.227:1080
**<Gio.SimpleProxyResolver object at 0x7f77d8bc89b0 (GSimpleProxyResolver at 0x2c8a0d0)>**
23:16:56 INFO    nbxmpp.tcp         Try to connect to 2a03:4000:34:3a4:::5223
23:16:56 INFO    nbxmpp.connection  Set Connection State: TCPState.CONNECTING
<Gio.SocketClient object at 0x7f77d8bc82d0 (GSocketClient at 0x2b666e0)> <enum G_SOCKET_CLIENT_RESOLVING of type Gio.SocketClientEvent> <Gio.InetSocketAddress object at 0x7f77d8bccc30 (GInetSocketAddress at 0x2eec1a0)> None
<Gio.SocketClient object at 0x7f77d8bc82d0 (GSocketClient at 0x2b666e0)> <enum G_SOCKET_CLIENT_RESOLVED of type Gio.SocketClientEvent> <Gio.InetSocketAddress object at 0x7f77d8bbfc30 (GInetSocketAddress at 0x2eec1a0)> None
<Gio.SocketClient object at 0x7f77d8bc82d0 (GSocketClient at 0x2b666e0)> <enum G_SOCKET_CLIENT_CONNECTING of type Gio.SocketClientEvent> <Gio.InetSocketAddress object at 0x7f77d8bbfc30 (GInetSocketAddress at 0x2eec1a0)> <Gio.TcpConnection object at 0x7f77d913ccd0 (GTcpConnection at 0x2c8ad90)>
<Gio.SocketClient object at 0x7f77d8bc82d0 (GSocketClient at 0x2b666e0)> <enum G_SOCKET_CLIENT_RESOLVING of type Gio.SocketClientEvent> <Gio.InetSocketAddress object at 0x7f77d8bbfc30 (GInetSocketAddress at 0x2eec1a0)> None
<Gio.SocketClient object at 0x7f77d8bc82d0 (GSocketClient at 0x2b666e0)> <enum G_SOCKET_CLIENT_CONNECTED of type Gio.SocketClientEvent> <Gio.InetSocketAddress object at 0x7f77d8bbfc30 (GInetSocketAddress at 0x2eec1a0)> <Gio.TcpConnection object at 0x7f77d913ccd0 (GTcpConnection at 0x2c8ad90)>
<Gio.SocketClient object at 0x7f77d8bc82d0 (GSocketClient at 0x2b666e0)> <enum G_SOCKET_CLIENT_COMPLETE of type Gio.SocketClientEvent> <Gio.InetSocketAddress object at 0x7f77d8bbfc30 (GInetSocketAddress at 0x2eec1a0)> <Gio.TcpConnection object at 0x7f77d913ccd0 (GTcpConnection at 0x2c8ad90)>
**True**
**<Gio.SimpleProxyResolver object at 0x7f77d8bc89b0 (GSimpleProxyResolver at 0x2c8a0d0)>**
23:16:56 INFO    nbxmpp.connection  Set Connection State: TCPState.CONNECTED
23:16:56 INFO    nbxmpp.connection  Signal: connected

I made sure that proxy-enabled is set, and made sure the SimpleProxyResolver object is set on the SocketClient, before and after connecting to the server.

I happy to provide more info if needed

Edited by Michael Catanzaro