From 5b875a19f2de7da4a7c7cf66a810a4f33b81f57a Mon Sep 17 00:00:00 2001
From: Nick Mathewson <nickm@torproject.org>
Date: Tue, 25 Feb 2014 10:30:30 -0500
Subject: socks-extensions: we do not in fact ignore usernames

---
 socks-extensions.txt | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

(limited to 'socks-extensions.txt')

diff --git a/socks-extensions.txt b/socks-extensions.txt
index d2c68f1..ab37670 100644
--- a/socks-extensions.txt
+++ b/socks-extensions.txt
@@ -26,18 +26,21 @@ Tor's extensions to the SOCKS protocol
   - The BIND command is not supported.
 
   SOCKS4,4A:
-  - SOCKS4 usernames are ignored.
+  - SOCKS4 usernames are used to implement stream isolation.
 
   SOCKS5:
   - The (SOCKS5) "UDP ASSOCIATE" command is not supported.
   - IPv6 is not supported in CONNECT commands.
   - The "NO AUTHENTICATION REQUIRED" (SOCKS5) authentication method [00] is
     supported; and as of Tor 0.2.3.2-alpha, the "USERNAME/PASSWORD" (SOCKS5)
-    authentication method [02] is supported too. Any credentials passed to
-    the latter are ignored. As an extension to support some broken clients,
+    authentication method [02] is supported too, and used as a method to
+    implement stream isolation. As an extension to support some broken clients,
     we allow clients to pass "USERNAME/PASSWORD" authentication to us even if
     no authentication was selected.
 
+  (For more information on stream isolation, see IsolateSOCKSAuth on the Tor
+  manpage.)
+
 2. Name lookup
 
   As an extension to SOCKS4A and SOCKS5, Tor implements a new command value,
-- 
cgit v1.2.3-54-g00ecf