Commit e66b6f0d authored by Roger Dingledine's avatar Roger Dingledine
Browse files

Reject *:563 (NTTPS) in the default exit policy. We already reject

NNTP by default, so this seems like a sensible addition.
(suggested by bug 331)


svn:r9149
parent ad5ce3c7
......@@ -21,6 +21,8 @@ Changes in version 0.1.2.5-xxxx - 200?-??-??
- Add internal descriptions for a bunch of configuration options:
accessible via controller interface and in comments in saved
options files.
- Reject *:563 (NTTPS) in the default exit policy. We already reject
NNTP by default, so this seems like a sensible addition.
o Security bugfixes:
- Stop sending the HttpProxyAuthenticator string to directory
......
......@@ -542,6 +542,7 @@ either a reject *:* or an accept *:*. Otherwise, you're _augmenting_
.IP "reject *:135-139"
.IP "reject *:445"
.IP "reject *:465"
.IP "reject *:563"
.IP "reject *:587"
.IP "reject *:1214"
.IP "reject *:4661-4666"
......
......@@ -589,7 +589,8 @@ exit_policy_remove_redundancies(addr_policy_t **dest)
#define DEFAULT_EXIT_POLICY \
"reject *:25,reject *:119,reject *:135-139,reject *:445," \
"reject *:465,reject *:587,reject *:1214,reject *:4661-4666," \
"reject *:465,reject *:563,reject *:587," \
"reject *:1214,reject *:4661-4666," \
"reject *:6346-6429,reject *:6699,reject *:6881-6999,accept *:*"
/** Parse the exit policy <b>cfg</b> into the linked list *<b>dest</b>. If
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment