diff options
| author | Nick Mathewson <nickm@torproject.org> | 2009-01-08 14:07:05 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2009-01-08 14:07:05 +0000 |
| commit | bd0e400bc37bfca75e8ffd81a7266385bcd418f6 (patch) | |
| tree | 1b37fe5a8f7872e628f1828593128a9bc278ebfb /doc/spec | |
| parent | da6ee5da73391537863b5cc2cbd6a257dcfabba1 (diff) | |
| download | tor-bd0e400bc37bfca75e8ffd81a7266385bcd418f6.tar.gz tor-bd0e400bc37bfca75e8ffd81a7266385bcd418f6.zip | |
AUTHENTICATE is really mandatory. No authentication is not quite the default.
svn:r18024
Diffstat (limited to 'doc/spec')
| -rw-r--r-- | doc/spec/control-spec.txt | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/doc/spec/control-spec.txt b/doc/spec/control-spec.txt index 093bf20a56..7c9bcea083 100644 --- a/doc/spec/control-spec.txt +++ b/doc/spec/control-spec.txt @@ -253,6 +253,10 @@ $Id$ command, or sends PROTOCOLINFO more than once, Tor sends an error reply and closes the connection. + To prevent some cross-protocol attacks, the AUTHENTICATE command is still + required even if all authentication methods in Tor are disabled. In this + case, the controller should just send "AUTHENTICATE" CRLF. + (Versions of Tor before 0.1.2.16 and 0.2.0.4-alpha did not close the connection after an authentication failure.) @@ -1591,7 +1595,9 @@ $Id$ 5.1. Authentication - By default, the current Tor implementation trusts all local users. + If the control port is open and no authentication operation is enabled, Tor + trusts any local user that connects to the control port. This is generally + a poor idea. If the 'CookieAuthentication' option is true, Tor writes a "magic cookie" file named "control_auth_cookie" into its data directory. To authenticate, |