Reject *:563 (NTTPS) in the default exit policy. We already reject

NNTP by default, so this seems like a sensible addition. (suggested by bug 331) svn:r9149
2024-11-20 10:12:15 +01:00 · 2006-12-18 08:25:34 +00:00 · 2006-12-18 08:25:34 +00:00 · e66b6f0d50
commit e66b6f0d50
parent ad5ce3c7ed
3 changed files with 5 additions and 1 deletions
--- a/2
+++ b/2
@ -21,6 +21,8 @@ Changes in version 0.1.2.5-xxxx - 200?-??-??
    - Add internal descriptions for a bunch of configuration options:
      accessible via controller interface and in comments in saved
      options files.
+    - Reject *:563 (NTTPS) in the default exit policy. We already reject
+      NNTP by default, so this seems like a sensible addition.

  o Security bugfixes:
    - Stop sending the HttpProxyAuthenticator string to directory
--- a/doc/tor.1.in
+++ b/doc/tor.1.in
@ -542,6 +542,7 @@ either a reject *:* or an accept *:*. Otherwise, you're _augmenting_
 .IP "reject *:135-139"
 .IP "reject *:445"
 .IP "reject *:465"
+.IP "reject *:563"
 .IP "reject *:587"
 .IP "reject *:1214"
 .IP "reject *:4661-4666"
--- a/src/or/policies.c
+++ b/src/or/policies.c
@ -589,7 +589,8 @@ exit_policy_remove_redundancies(addr_policy_t **dest)

 #define DEFAULT_EXIT_POLICY                                         \
  "reject *:25,reject *:119,reject *:135-139,reject *:445,"         \
-  "reject *:465,reject *:587,reject *:1214,reject *:4661-4666,"     \
+  "reject *:465,reject *:563,reject *:587,"                         \
+  "reject *:1214,reject *:4661-4666,"                               \
  "reject *:6346-6429,reject *:6699,reject *:6881-6999,accept *:*"

 /** Parse the exit policy <b>cfg</b> into the linked list *<b>dest</b>. If