#5185: Implement ‘safe cookie authentication’ in Tor
--------------------------+-------------------------------------------------
Reporter: rransom | Owner:
Type: enhancement | Status: needs_review
Priority: critical | Milestone: Tor: 0.2.2.x-final
Component: Tor Client | Version:
Keywords: security-fix | Parent:
Points: | Actualpoints:
--------------------------+-------------------------------------------------
Changes (by rransom):
* status: needs_revision => needs_review
Comment:
See my
[https://gitweb.torproject.org/rransom/tor.git/shortlog/refs/heads/safecookie-022-v3
safecookie-022-v3] tor branch (
`https://git.torproject.org/rransom/tor.git safecookie-022-v3` ) for a
code-change branch implementing ‘safe cookie authentication’ on
maint-0.2.2. (I rebased to put the cherry-picked commit introducing
`crypto_hmac_sha256` in before the commit using it.)
This time I've tested it before posting the branch. See branch
[https://gitweb.torproject.org/rransom/tor-utils.git/shortlog/refs/heads
/safecookie-python safecookie-python] of my tor-utils repo (
`https://git.torproject.org/rransom/tor-utils.git safecookie-python` ) for
the code I used to test the Tor changes (only tested with Python 2.7.2 as
packaged in Debian Wheezy).
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5185#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
[email protected]
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs
