03cb91012d
Previously, there was a bug in the way that our code used our SOCKS implementations. If the buffer used for a SOCKS handshake became full without completing the handshake, then rather than expanding the buffer or closing the connection, our code would keep trying to read into the zero-byte slice available in the full buffer forever, in a tight loop. We're classifying this as a LOW-severity issue, since it is only exploitable by pluggable transports (which are trusted) and by local applications with access to the SOCKS port. Closes #861. Fixes TROVE-2023-001. Reported-By: Jakob Lell <jakob AT srlabs DOT de> |
||
|---|---|---|
| .. | ||
| src | ||
| Cargo.toml | ||
| README.md | ||
README.md
tor-chanmgr
Manage a set of channels on the Tor network.
Overview
This crate is part of Arti, a project to implement Tor in Rust.
In Tor, a channel is a connection to a Tor relay. It can be direct via TLS, or indirect via TLS over a pluggable transport. (For now, only direct channels are supported.)
Since a channel can be used for more than one circuit, it's
important to reuse channels when possible. This crate implements
a [ChanMgr] type that can be used to create channels on demand,
and return existing channels when they already exist.
Compile-time features
pt-client-- Build with APIs to support pluggable transports.
Experimental and unstable features
Note that the APIs enabled by these features are NOT covered by semantic versioning1 guarantees: we might break them or remove them between patch versions.
experimental-- Build with all experimental features above. (Currently, there are no experimental features in this crate, but there may be some in the future.)
License: MIT OR Apache-2.0
-
Remember, semantic versioning is what makes various
cargofeatures work reliably. To be explicit: if you wantcargo updateto only make safe changes, then you cannot enable these features. ↩︎