socks: Make SafeSocks refuse SOCKS4 and accept SOCKS4a

The logic was inverted. Introduced in commit 9155e08450fe7a609f8223202e8aa7dfbca20a6d. This was reported through our bug bounty program on H1. It fixes the TROVE-2022-002. Fixes #40730 Signed-off-by: David Goulet <dgoulet@torproject.org>
author: David Goulet <dgoulet@torproject.org> 2022-12-12 10:02:07 -0500
committer: David Goulet <dgoulet@torproject.org> 2022-12-12 10:02:07 -0500
commit: a282145b3634547ab84ccd959d0537c021ff7ffc (patch)
tree: c506cf36a81303d725a1ff3737aff00f830d1085 /changes/ticket40730
parent: b117ce48dbde5d285a9cbe8ef9c2b7607245c0dc (diff)
download: tor-a282145b3634547ab84ccd959d0537c021ff7ffc.tar.gz
tor-a282145b3634547ab84ccd959d0537c021ff7ffc.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/changes/ticket40730 b/changes/ticket40730
new file mode 100644
index 0000000000..f6d4c9de3b
--- /dev/null
+++ b/changes/ticket40730
@@ -0,0 +1,5 @@
+  o Major bugfixes (TROVE-2022-002, client):
+    - The SafeSocks option had its logic inverted for SOCKS4 and SOCKS4a. It
+      would let the unsafe SOCKS4 pass but not the safe SOCKS4a one. This is
+      TROVE-2022-002 which was reported on Hackerone by "cojabo". Fixes bug
+      40730; bugfix on 0.3.5.1-alpha.
author	David Goulet <dgoulet@torproject.org>	2022-12-12 10:02:07 -0500
committer	David Goulet <dgoulet@torproject.org>	2022-12-12 10:02:07 -0500
commit	a282145b3634547ab84ccd959d0537c021ff7ffc (patch)
tree	c506cf36a81303d725a1ff3737aff00f830d1085 /changes/ticket40730
parent	b117ce48dbde5d285a9cbe8ef9c2b7607245c0dc (diff)
download	tor-a282145b3634547ab84ccd959d0537c021ff7ffc.tar.gz tor-a282145b3634547ab84ccd959d0537c021ff7ffc.zip