diff options
| author | Nick Mathewson <nickm@torproject.org> | 2004-12-13 18:32:29 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2004-12-13 18:32:29 +0000 |
| commit | 1e71b838904e44840f6f094104b740fc9c3a759f (patch) | |
| tree | bfa1e93668c9486ec47a99782956f0ea0b454e38 /src | |
| parent | 6cc7d32afc8c0474aa3a4409e54380033dd83144 (diff) | |
| download | tor-1e71b838904e44840f6f094104b740fc9c3a759f.tar.gz tor-1e71b838904e44840f6f094104b740fc9c3a759f.zip | |
Fix a bug in parsing HashedControlPassword.
svn:r3143
Diffstat (limited to 'src')
| -rw-r--r-- | src/or/config.c | 4 | ||||
| -rw-r--r-- | src/or/control.c | 29 | ||||
| -rw-r--r-- | src/or/or.h | 1 |
3 files changed, 28 insertions, 6 deletions
diff --git a/src/or/config.c b/src/or/config.c index 7210a5d727..74c50f6fa1 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -1402,9 +1402,7 @@ options_validate(or_options_t *options) } if (options->HashedControlPassword) { - char buf[S2K_SPECIFIER_LEN+DIGEST_LEN]; - if (base64_decode(buf,sizeof(buf),options->HashedControlPassword, - strlen(options->HashedControlPassword)!=sizeof(buf))) { + if (decode_hashed_password(NULL, options->HashedControlPassword)<0) { log_fn(LOG_WARN,"Bad HashedControlPassword: wrong length or bad base64"); result = -1; } diff --git a/src/or/control.c b/src/or/control.c index 905c6622be..6c630c5103 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -324,6 +324,31 @@ handle_control_setevents(connection_t *conn, uint16_t len, const char *body) return 0; } +/** Decode the hashed, base64'd password stored in <b>hashed</b>. If + * <b>buf</b> is provided, store the hashed password in the first + * S2K_SPECIFIER_LEN+DIGEST_LEN bytes of <b>buf</b>. Return 0 on + * success, -1 on failure. + */ +int +decode_hashed_password(char *buf, const char *hashed) +{ + size_t len = strlen(hashed)+2; + char *base64 = tor_malloc(len); + char decoded[64]; + int r; + if (tor_snprintf(base64, len, "%s\n", hashed)<0) + return -1; + if ((r = base64_decode(decoded, sizeof(decoded), + base64, strlen(base64))) != + S2K_SPECIFIER_LEN+DIGEST_LEN) { + printf("BB %d\n",r); + return -1; + } + if (buf) + memcpy(buf, decoded, sizeof(decoded)); + return 0; +} + /** Called when we get an AUTHENTICATE message. Check whether the * authentication is valid, and if so, update the connection's state to * OPEN. Reply with DONE or ERROR. @@ -340,9 +365,7 @@ handle_control_authenticate(connection_t *conn, uint16_t len, const char *body) } else if (options->HashedControlPassword) { char expected[S2K_SPECIFIER_LEN+DIGEST_LEN]; char received[DIGEST_LEN]; - if (base64_decode(expected,sizeof(expected), - options->HashedControlPassword, - strlen(options->HashedControlPassword))<0) { + if (decode_hashed_password(expected, options->HashedControlPassword)<0) { log_fn(LOG_WARN,"Couldn't decode HashedControlPassword: invalid base64"); goto err; } diff --git a/src/or/or.h b/src/or/or.h index 92d1a22fe4..e5facee380 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -1294,6 +1294,7 @@ int control_event_bandwidth_used(uint32_t n_read, uint32_t n_written); void control_event_logmsg(int severity, const char *msg); int init_cookie_authentication(int enabled); +int decode_hashed_password(char *buf, const char *hashed); /********************************* cpuworker.c *****************************/ |