[tor-bugs] #8117 [Tor]: Tor SOCKS handshake makes SOCKS circuit isolation non-functional for many apps
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Jan 31 19:05:28 UTC 2013
#8117: Tor SOCKS handshake makes SOCKS circuit isolation non-functional for many
apps
----------------------------------+-----------------------------------------
Reporter: cypherpunks | Owner:
Type: defect | Status: needs_review
Priority: major | Milestone: Tor: 0.2.3.x-final
Component: Tor | Version: Tor: 0.2.3.25
Keywords: tor-client isolation | Parent:
Points: | Actualpoints:
----------------------------------+-----------------------------------------
Comment(by cypherpunks):
The patch works properly on Tor's side. Wireshark reports Tor is now
sending username/password in the response, and Pidgin sends the username
and password, and then Tor says "success". Unfortunately, Pidgin
immediately closes the SOCKS connection and then times out, seemingly
forgetting what happened.
Other apps have similar issues. At least one began blasting data at the
SOCKS port as soon as Tor said "username/password", which causes a warn
about an improper SOCKS username/password version from Tor. Apparently it
forgot that it still needed to actually send one as configured! What a
mess.
Nothing has yet asked me for a password if I didn't provide one, though.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/8117#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list