summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNick Mathewson <nickm@torproject.org>2008-02-17 18:45:07 +0000
committerNick Mathewson <nickm@torproject.org>2008-02-17 18:45:07 +0000
commitfaa56a500b4bcdac6306c0c8b923bb1fb22267ec (patch)
treea6a3bad7d03732adaa055151ad3c226e3b7dc764
parent4c1e516a093674e1911012a9f9c95fcab845a3e7 (diff)
downloadtor-faa56a500b4bcdac6306c0c8b923bb1fb22267ec.tar.gz
tor-faa56a500b4bcdac6306c0c8b923bb1fb22267ec.zip
r14236@tombo: nickm | 2008-02-17 13:44:55 -0500
Partial fix for bug 586: Add an ephemeral __HashedControlSessionPassword. svn:r13543
-rw-r--r--ChangeLog5
-rw-r--r--doc/spec/control-spec.txt5
-rw-r--r--src/or/config.c18
-rw-r--r--src/or/control.c34
-rw-r--r--src/or/or.h2
5 files changed, 58 insertions, 6 deletions
diff --git a/ChangeLog b/ChangeLog
index e2ae4e8d06..e8ffbfd445 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -13,6 +13,11 @@ Changes in version 0.2.0.20-?? - 2008-02-??
- Tune parameters for cell pool allocation to minimize amount of
RAM overhead used.
+ o Minor features (controller):
+ - Add a new __HashedControlSessionPassword option for controllers
+ to use for one-off session password hashes that shouldn't get
+ saved to disk by SAVECONF. Partial fix for bug 586.
+
o Minor bugfixes:
- Log the correct memory chunk sizes for empty RAM chunks in mempool.c.
- Directory mirrors no longer include a guess at the client's IP
diff --git a/doc/spec/control-spec.txt b/doc/spec/control-spec.txt
index 1fdc0ecba4..97f0f4c9ec 100644
--- a/doc/spec/control-spec.txt
+++ b/doc/spec/control-spec.txt
@@ -1560,3 +1560,8 @@ $Id$
(Boolean. Default: "0".)
+ __HashedControlSessionPassword
+
+ As HashedControlPassword, but is not saved to the torrc file by
+ SAVECONF. Added in Tor 0.2.0.20-rc.
+
diff --git a/src/or/config.c b/src/or/config.c
index 4d6e30bb76..3a47f9449e 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -306,6 +306,8 @@ static config_var_t _option_vars[] = {
VAR("__AllDirActionsPrivate", BOOL, AllDirActionsPrivate, "0"),
VAR("__DisablePredictedCircuits",BOOL,DisablePredictedCircuits, "0"),
VAR("__LeaveStreamsUnattached",BOOL, LeaveStreamsUnattached, "0"),
+ VAR("__HashedControlSessionPassword", LINELIST, HashedControlSessionPassword,
+ NULL),
V(MinUptimeHidServDirectoryV2, INTERVAL, "24 hours"),
{ NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
};
@@ -3155,6 +3157,17 @@ options_validate(or_options_t *old_options, or_options_t *options,
}
}
+ if (options->HashedControlSessionPassword) {
+ smartlist_t *sl = decode_hashed_passwords(
+ options->HashedControlSessionPassword);
+ if (!sl) {
+ REJECT("Bad HashedControlSessionPassword: wrong length or bad encoding");
+ } else {
+ SMARTLIST_FOREACH(sl, char*, cp, tor_free(cp));
+ smartlist_free(sl);
+ }
+ }
+
if (options->ControlListenAddress) {
int all_are_local = 1;
config_line_t *ln;
@@ -3163,7 +3176,9 @@ options_validate(or_options_t *old_options, or_options_t *options,
all_are_local = 0;
}
if (!all_are_local) {
- if (!options->HashedControlPassword && !options->CookieAuthentication) {
+ if (!options->HashedControlPassword &&
+ !options->HashedControlSessionPassword &&
+ !options->CookieAuthentication) {
log_warn(LD_CONFIG, "You have a ControlListenAddress set to accept "
"connections from a non-local address. This means that "
"any program on the internet can reconfigure your Tor. "
@@ -3179,6 +3194,7 @@ options_validate(or_options_t *old_options, or_options_t *options,
}
if (options->ControlPort && !options->HashedControlPassword &&
+ !options->HashedControlSessionPassword &&
!options->CookieAuthentication) {
log_warn(LD_CONFIG, "ControlPort is open, but no authentication method "
"has been configured. This means that any program on your "
diff --git a/src/or/control.c b/src/or/control.c
index 220673fe7d..106327cc7d 100644
--- a/src/or/control.c
+++ b/src/or/control.c
@@ -1034,14 +1034,16 @@ handle_control_authenticate(control_connection_t *conn, uint32_t len,
used_quoted_string = 1;
}
- if (!options->CookieAuthentication && !options->HashedControlPassword) {
+ if (!options->CookieAuthentication && !options->HashedControlPassword &&
+ !options->HashedControlSessionPassword) {
/* if Tor doesn't demand any stronger authentication, then
* the controller can get in with anything. */
goto ok;
}
if (options->CookieAuthentication) {
- int also_password = options->HashedControlPassword != NULL;
+ int also_password = options->HashedControlPassword != NULL ||
+ options->HashedControlSessionPassword != NULL;
if (password_len != AUTHENTICATION_COOKIE_LEN) {
if (!also_password) {
log_warn(LD_CONTROL, "Got authentication cookie with wrong length "
@@ -1062,17 +1064,39 @@ handle_control_authenticate(control_connection_t *conn, uint32_t len,
}
}
- if (options->HashedControlPassword) {
+ if (options->HashedControlPassword || options->HashedControlSessionPassword) {
+ int bad = 0;
+ smartlist_t *sl_tmp;
char received[DIGEST_LEN];
int also_cookie = options->CookieAuthentication;
- sl = decode_hashed_passwords(options->HashedControlPassword);
- if (!sl) {
+ sl = smartlist_create();
+ if (options->HashedControlPassword) {
+ sl_tmp = decode_hashed_passwords(options->HashedControlPassword);
+ if (!sl_tmp)
+ bad = 1;
+ else {
+ smartlist_add_all(sl, sl_tmp);
+ smartlist_free(sl_tmp);
+ }
+ }
+ if (options->HashedControlSessionPassword) {
+ sl_tmp = decode_hashed_passwords(options->HashedControlSessionPassword);
+ if (!sl_tmp)
+ bad = 1;
+ else {
+ smartlist_add_all(sl, sl_tmp);
+ smartlist_free(sl_tmp);
+ }
+ }
+ if (bad) {
if (!also_cookie) {
log_warn(LD_CONTROL,
"Couldn't decode HashedControlPassword: invalid base16");
errstr="Couldn't decode HashedControlPassword value in configuration.";
}
bad_password = 1;
+ SMARTLIST_FOREACH(sl, char *, cp, tor_free(cp));
+ smartlist_free(sl);
} else {
SMARTLIST_FOREACH(sl, char *, expected,
{
diff --git a/src/or/or.h b/src/or/or.h
index 28c7bfdbd3..5a0a10d502 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -2258,6 +2258,8 @@ typedef struct {
/** Base64-encoded hash of accepted passwords for the control system. */
config_line_t *HashedControlPassword;
+ /** As HashedControlPassword, but not saved. */
+ config_line_t *HashedControlSessionPassword;
int CookieAuthentication; /**< Boolean: do we enable cookie-based auth for
* the control system? */