[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #11215 [BridgeDB]: Add timestamp/expiry to HMAC verification code in BridgeDB's local CAPTCHAs



#11215: Add timestamp/expiry to HMAC verification code in BridgeDB's local CAPTCHAs
-------------------------+-------------------------------------------------
     Reporter:  isis     |      Owner:  isis
         Type:  defect   |     Status:  needs_review
     Priority:  major    |  Milestone:
    Component:           |    Version:
  BridgeDB               |   Keywords:  bridgedb-https, security,
   Resolution:           |  bridgedb-0.2.1, easy
Actual Points:           |  Parent ID:
       Points:           |
-------------------------+-------------------------------------------------
Changes (by isis):

 * keywords:  bridgedb-https, security, bridgedb-0.1.6, easy => bridgedb-
     https, security, bridgedb-0.2.1, easy
 * status:  new => needs_review


Comment:

 Fixed in my `fix/11215-captcha-timeouts`
 [https://gitweb.torproject.org/user/isislovecruft/bridgedb.git/log/refs/heads/fix/11215
 -captcha-timeouts branch].

 The default is to timeout 30 minutes after the client has been given the
 CAPTCHA.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11215#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs