Browse Source

socks-extensions: we do not in fact ignore usernames

Nick Mathewson 4 years ago
parent
commit
5b875a19f2
1 changed files with 6 additions and 3 deletions
  1. 6 3
      socks-extensions.txt

+ 6 - 3
socks-extensions.txt

@@ -26,18 +26,21 @@ Tor's extensions to the SOCKS protocol
   - The BIND command is not supported.
 
   SOCKS4,4A:
-  - SOCKS4 usernames are ignored.
+  - SOCKS4 usernames are used to implement stream isolation.
 
   SOCKS5:
   - The (SOCKS5) "UDP ASSOCIATE" command is not supported.
   - IPv6 is not supported in CONNECT commands.
   - The "NO AUTHENTICATION REQUIRED" (SOCKS5) authentication method [00] is
     supported; and as of Tor 0.2.3.2-alpha, the "USERNAME/PASSWORD" (SOCKS5)
-    authentication method [02] is supported too. Any credentials passed to
-    the latter are ignored. As an extension to support some broken clients,
+    authentication method [02] is supported too, and used as a method to
+    implement stream isolation. As an extension to support some broken clients,
     we allow clients to pass "USERNAME/PASSWORD" authentication to us even if
     no authentication was selected.
 
+  (For more information on stream isolation, see IsolateSOCKSAuth on the Tor
+  manpage.)
+
 2. Name lookup
 
   As an extension to SOCKS4A and SOCKS5, Tor implements a new command value,