[tor-bugs] #8117 [Tor]: Tor SOCKS handshake makes SOCKS circuit isolation non-functional for many apps
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Dec 24 16:50:06 UTC 2013
#8117: Tor SOCKS handshake makes SOCKS circuit isolation non-functional for many
apps
---------------------------+-----------------------------------------------
Reporter: | Owner:
cypherpunks | Status: needs_revision
Type: defect | Milestone: Tor: 0.2.3.x-final
Priority: major | Version: Tor: 0.2.3.25
Component: Tor | Keywords: tor-client isolation 023-backport
Resolution: | Parent ID:
Actual Points: |
Points: |
---------------------------+-----------------------------------------------
Comment (by nickm):
The commits in nickm/bug8117_023 were
a264c4fedab87ce7c8cbb94632657a90e95e7a4e and
fa3c23773944788125db2f67bcb048376c17fec9. They got merged in Tor
0.2.4.12-alpha. Their changes entry was:
{{{
+
+ - Many SOCKS5 clients, when configured to offer a username/password,
+ offer both username/password authentication and "no
authentication".
+ Tor had previously preferred no authentication, but this was
+ problematic when trying to make applications get proper stream
+ isolation with IsolateSOCKSAuth. Now, on any SOCKS port with
+ IsolateSOCKSAuth turned on (which is the default), Tor selects
+ username/password authentication if it's offered. If this confuses
your
+ application, you can disable it on a per-SOCKSPort basis via
+ PreferSOCKSNoAuth. Fixes bug 8117; bugfix on 0.2.3.3-alpha.
}}}
I would be glad to take a documentation fix in 0.2.3. Anybody want to
write one?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8117#comment:27>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list