[tor-commits] [torspec/master] socks-extensions: we do not in fact ignore usernames

[nickm at torproject.org]

commit 5b875a19f2de7da4a7c7cf66a810a4f33b81f57a
Author: Nick Mathewson <nickm at torproject.org>
Date:   Tue Feb 25 10:30:30 2014 -0500

    socks-extensions: we do not in fact ignore usernames
---
 socks-extensions.txt |    9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/socks-extensions.txt b/socks-extensions.txt
index d2c68f1..ab37670 100644
--- a/socks-extensions.txt
+++ b/socks-extensions.txt
@@ -26,18 +26,21 @@ Tor's extensions to the SOCKS protocol
   - The BIND command is not supported.
 
   SOCKS4,4A:
-  - SOCKS4 usernames are ignored.
+  - SOCKS4 usernames are used to implement stream isolation.
 
   SOCKS5:
   - The (SOCKS5) "UDP ASSOCIATE" command is not supported.
   - IPv6 is not supported in CONNECT commands.
   - The "NO AUTHENTICATION REQUIRED" (SOCKS5) authentication method [00] is
     supported; and as of Tor 0.2.3.2-alpha, the "USERNAME/PASSWORD" (SOCKS5)
-    authentication method [02] is supported too. Any credentials passed to
-    the latter are ignored. As an extension to support some broken clients,
+    authentication method [02] is supported too, and used as a method to
+    implement stream isolation. As an extension to support some broken clients,
     we allow clients to pass "USERNAME/PASSWORD" authentication to us even if
     no authentication was selected.
 
+  (For more information on stream isolation, see IsolateSOCKSAuth on the Tor
+  manpage.)
+
 2. Name lookup
 
   As an extension to SOCKS4A and SOCKS5, Tor implements a new command value,