r11645@Kushana: nickm | 2006-12-19 14:22:36 -0500

Reject hostnames with invalid characters, in an attempt to catch more errors earlier. Add an option to disable this behavior. svn:r9156
author: Nick Mathewson <nickm@torproject.org> 2006-12-19 19:48:58 +0000
committer: Nick Mathewson <nickm@torproject.org> 2006-12-19 19:48:58 +0000
commit: bf6702cf8b8f251356b72a8276fefbdeb6eca453 (patch)
tree: 196b03caa491e058c4fc7d6b3b8dc6be36420d6c /ChangeLog
parent: 1ce86f1fca841b5c214bc0762507c38f04e4ab8f (diff)
download: tor-bf6702cf8b8f251356b72a8276fefbdeb6eca453.tar.gz
tor-bf6702cf8b8f251356b72a8276fefbdeb6eca453.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 90c53f6b3c..9217f7aa4a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -25,6 +25,10 @@ Changes in version 0.1.2.5-xxxx - 200?-??-??
       NNTP by default, so this seems like a sensible addition.
     - Authorities do not recommend exits as guards if this would shift excess
       load to the exit nodes.
+    - Avoid some inadvertent info leaks by making clients reject hostnames
+      with invalid characters.  Add an option to disable this behavior,
+      in case somebody is running a private network with hosts called @, !,
+      and #.
 
   o Security bugfixes:
     - Stop sending the HttpProxyAuthenticator string to directory
author	Nick Mathewson <nickm@torproject.org>	2006-12-19 19:48:58 +0000
committer	Nick Mathewson <nickm@torproject.org>	2006-12-19 19:48:58 +0000
commit	bf6702cf8b8f251356b72a8276fefbdeb6eca453 (patch)
tree	196b03caa491e058c4fc7d6b3b8dc6be36420d6c /ChangeLog
parent	1ce86f1fca841b5c214bc0762507c38f04e4ab8f (diff)
download	tor-bf6702cf8b8f251356b72a8276fefbdeb6eca453.tar.gz tor-bf6702cf8b8f251356b72a8276fefbdeb6eca453.zip