[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-bugs] #1666 [Tor Client]: SOCKS handling should accept (and ignore) password auth.
#1666: SOCKS handling should accept (and ignore) password auth.
-------------------------+--------------------------------------------------
Reporter: nickm | Owner: mwenge
Type: enhancement | Status: needs_review
Priority: minor | Milestone:
Component: Tor Client | Version:
Keywords: | Parent:
-------------------------+--------------------------------------------------
Comment(by mwenge):
Replying to [comment:6 nickm]:
> Also, sadly, this code is going to need some light refactoring to work
now that we've merged the bufferevents branch. It's worth doing, since we
want to also port those &@# unit tests.
>
Done.
> It looks like a config_register_addressmaps change leaked into this
patch; see config.h and config.c.
>
I need to expose config_register_addressmaps for the unit tests.
> Also, it looks like the new parsing code doesn't actually make sure that
the username/password stuff appears as the *second* thing the client says.
We should make sure we check for that.
Done.
>
> Also, is it really disallowed for the client to start writing data
before the socks handshake is done? What's the harm in allowing extra
data?
You mean after the method has been negotiated we just clobber the rest of
the packet?
{{{
/* remove packet from buf. also remove any other extraneous
* bytes, to support broken socks clients. */
*drain_out = -1;
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/1666#comment:7>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs