Merge remote-tracking branch 'origin/maint-0.2.4'

author: Nick Mathewson <nickm@torproject.org> 2013-05-15 10:44:17 -0400
committer: Nick Mathewson <nickm@torproject.org> 2013-05-15 10:44:17 -0400
commit: 69f66b960c61af0e2f26c5785c9bbd6a0c9b5f39 (patch)
tree: 24ac66e35f5ff262c32dedf3f68d8d8bb1552001
parent: d8f5c5b88d55c1d8893212663a7c2878f9c0c8b7 (diff)
parent: 0bfaf86612eddbd586d648f3b642dac26f134fca (diff)
download: tor-69f66b960c61af0e2f26c5785c9bbd6a0c9b5f39.tar
tor-69f66b960c61af0e2f26c5785c9bbd6a0c9b5f39.tar.gz
2 files changed, 6 insertions, 1 deletions
diff --git a/changes/bug8879 b/changes/bug8879
new file mode 100644
index 000000000..0d2a70086
--- /dev/null
+++ b/changes/bug8879
@@ -0,0 +1,5 @@
+  o Major bugfixes:
+    - Follow the socks5 protocol when offering username/password
+      authentication. The fix for bug 8117 exposed this bug, and it
+      turns out real-world applications like Pidgin do care. Bugfix on
+      0.2.3.2-alpha; fixes bug 8879.
diff --git a/src/or/buffers.c b/src/or/buffers.c
index d063d2313..c4c847ec8 100644
--- a/src/or/buffers.c
+++ b/src/or/buffers.c
@@ -1751,7 +1751,7 @@ parse_socks(const char *data, size_t datalen, socks_request_t *req,
         return 0;
       }
       req->replylen = 2; /* 2 bytes of response */
-      req->reply[0] = 5;
+      req->reply[0] = 1; /* authversion == 1 */
       req->reply[1] = 0; /* authentication successful */
       log_debug(LD_APP,
                "socks5: Accepted username/password without checking.");
author	Nick Mathewson <nickm@torproject.org>	2013-05-15 10:44:17 -0400
committer	Nick Mathewson <nickm@torproject.org>	2013-05-15 10:44:17 -0400
commit	69f66b960c61af0e2f26c5785c9bbd6a0c9b5f39 (patch)
tree	24ac66e35f5ff262c32dedf3f68d8d8bb1552001
parent	d8f5c5b88d55c1d8893212663a7c2878f9c0c8b7 (diff)
parent	0bfaf86612eddbd586d648f3b642dac26f134fca (diff)
download	tor-69f66b960c61af0e2f26c5785c9bbd6a0c9b5f39.tar tor-69f66b960c61af0e2f26c5785c9bbd6a0c9b5f39.tar.gz