[tor-bugs] #11215 [BridgeDB]: Add timestamp/expiry to HMAC verification code in BridgeDB's local CAPTCHAs
Tor Bug Tracker & Wiki
blackhole at torproject.org
Wed May 14 22:45:52 UTC 2014
#11215: Add timestamp/expiry to HMAC verification code in BridgeDB's local CAPTCHAs
-------------------------+-------------------------------------------------
Reporter: isis | Owner: isis
Type: defect | Status: needs_review
Priority: major | Milestone:
Component: | Version:
BridgeDB | Keywords: bridgedb-https, security,
Resolution: | bridgedb-0.2.1, easy
Actual Points: | Parent ID:
Points: |
-------------------------+-------------------------------------------------
Changes (by isis):
* keywords: bridgedb-https, security, bridgedb-0.1.6, easy => bridgedb-
https, security, bridgedb-0.2.1, easy
* status: new => needs_review
Comment:
Fixed in my `fix/11215-captcha-timeouts`
[https://gitweb.torproject.org/user/isislovecruft/bridgedb.git/log/refs/heads/fix/11215
-captcha-timeouts branch].
The default is to timeout 30 minutes after the client has been given the
CAPTCHA.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/11215#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list