diff options
| author | Nick Mathewson <nickm@torproject.org> | 2020-11-12 11:07:33 -0500 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2020-11-12 11:07:33 -0500 |
| commit | ffa7b15950a3274a03b0957425bcaa9952213046 (patch) | |
| tree | 15f22e4b3a4ef8854a2a61a288dff0f55bea72f2 /changes | |
| parent | e2d3c9c5f82a1369385dd99765c31ba479ba8f23 (diff) | |
| download | tor-ffa7b15950a3274a03b0957425bcaa9952213046.tar.gz tor-ffa7b15950a3274a03b0957425bcaa9952213046.zip | |
Deliberately close OR connections if proxies leave extra data
We already did this, but we did it by accident, which is pretty
risky: if we hadn't, then our code would have treated extra data in
the inbuf as having been transmitted as TLS-authenticated data.
Closes ticket 40017; Found by opara.
Diffstat (limited to 'changes')
| -rw-r--r-- | changes/bug40017 | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/changes/bug40017 b/changes/bug40017 new file mode 100644 index 0000000000..3f5c2da968 --- /dev/null +++ b/changes/bug40017 @@ -0,0 +1,5 @@ + o Minor features (protocol, proxy support, defense in depth): + - Respond more deliberately to misbehaving proxies that leave leftover + data on their connections, so as to be even less likely as to allow + them to pass their data off as having come from a relay. + Closes ticket 40017. |