[or-cvs] [tor/master] Disable .exit notation unless AllowDotExit is 1.
Fabian Keil
freebsd-listen at fabiankeil.de
Tue Aug 11 18:33:50 UTC 2009
nickm at seul.org (Nick Mathewson) wrote:
> Author: Roger Dingledine <arma at torproject.org>
> Date: Fri, 7 Aug 2009 19:26:41 -0400
> Subject: Disable .exit notation unless AllowDotExit is 1.
> Commit: 3e4379c2e73bf458cf60c63df44a8d0ec761568c
>
> ---
> doc/tor.1.in | 7 +++++++
> src/or/config.c | 1 +
> src/or/connection_edge.c | 18 ++++++++++++------
> src/or/or.h | 9 ++++++++-
> src/or/test.c | 8 ++++----
> 5 files changed, 32 insertions(+), 11 deletions(-)
>
> diff --git a/doc/tor.1.in b/doc/tor.1.in
> index b6e2231..fa383cc 100644
> --- a/doc/tor.1.in
> +++ b/doc/tor.1.in
> @@ -690,6 +690,13 @@ resolved. This helps trap accidental attempts to resolve URLs and so on.
> (Default: 0)
> .LP
> .TP
> +\fBAllowDotOnion \fR\fB0\fR|\fB1\fR\fP
> +If enabled, we convert "www.google.com.foo.exit" addresses on the
> +SocksPort/TransPort/NatdPort into "www.google.com" addresses that exit
> +from the node "foo". Disabled by default since attacking websites and
> +exit relays can use it to manipulate your path selection. (Default: 0)
Passing the exit notation through the TransPort or the NatdPort will
be challenging given that Tor only gets the destination IP address.
Fabian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20090811/77443a5c/attachment.pgp>
More information about the tor-dev
mailing list