diff options
| author | Nick Mathewson <nickm@torproject.org> | 2008-02-17 18:45:07 +0000 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2008-02-17 18:45:07 +0000 |
| commit | faa56a500b4bcdac6306c0c8b923bb1fb22267ec (patch) | |
| tree | a6a3bad7d03732adaa055151ad3c226e3b7dc764 /src | |
| parent | 4c1e516a093674e1911012a9f9c95fcab845a3e7 (diff) | |
| download | tor-faa56a500b4bcdac6306c0c8b923bb1fb22267ec.tar.gz tor-faa56a500b4bcdac6306c0c8b923bb1fb22267ec.zip | |
r14236@tombo: nickm | 2008-02-17 13:44:55 -0500
Partial fix for bug 586: Add an ephemeral __HashedControlSessionPassword.
svn:r13543
Diffstat (limited to 'src')
| -rw-r--r-- | src/or/config.c | 18 | ||||
| -rw-r--r-- | src/or/control.c | 34 | ||||
| -rw-r--r-- | src/or/or.h | 2 |
3 files changed, 48 insertions, 6 deletions
diff --git a/src/or/config.c b/src/or/config.c index 4d6e30bb76..3a47f9449e 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -306,6 +306,8 @@ static config_var_t _option_vars[] = { VAR("__AllDirActionsPrivate", BOOL, AllDirActionsPrivate, "0"), VAR("__DisablePredictedCircuits",BOOL,DisablePredictedCircuits, "0"), VAR("__LeaveStreamsUnattached",BOOL, LeaveStreamsUnattached, "0"), + VAR("__HashedControlSessionPassword", LINELIST, HashedControlSessionPassword, + NULL), V(MinUptimeHidServDirectoryV2, INTERVAL, "24 hours"), { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL } }; @@ -3155,6 +3157,17 @@ options_validate(or_options_t *old_options, or_options_t *options, } } + if (options->HashedControlSessionPassword) { + smartlist_t *sl = decode_hashed_passwords( + options->HashedControlSessionPassword); + if (!sl) { + REJECT("Bad HashedControlSessionPassword: wrong length or bad encoding"); + } else { + SMARTLIST_FOREACH(sl, char*, cp, tor_free(cp)); + smartlist_free(sl); + } + } + if (options->ControlListenAddress) { int all_are_local = 1; config_line_t *ln; @@ -3163,7 +3176,9 @@ options_validate(or_options_t *old_options, or_options_t *options, all_are_local = 0; } if (!all_are_local) { - if (!options->HashedControlPassword && !options->CookieAuthentication) { + if (!options->HashedControlPassword && + !options->HashedControlSessionPassword && + !options->CookieAuthentication) { log_warn(LD_CONFIG, "You have a ControlListenAddress set to accept " "connections from a non-local address. This means that " "any program on the internet can reconfigure your Tor. " @@ -3179,6 +3194,7 @@ options_validate(or_options_t *old_options, or_options_t *options, } if (options->ControlPort && !options->HashedControlPassword && + !options->HashedControlSessionPassword && !options->CookieAuthentication) { log_warn(LD_CONFIG, "ControlPort is open, but no authentication method " "has been configured. This means that any program on your " diff --git a/src/or/control.c b/src/or/control.c index 220673fe7d..106327cc7d 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -1034,14 +1034,16 @@ handle_control_authenticate(control_connection_t *conn, uint32_t len, used_quoted_string = 1; } - if (!options->CookieAuthentication && !options->HashedControlPassword) { + if (!options->CookieAuthentication && !options->HashedControlPassword && + !options->HashedControlSessionPassword) { /* if Tor doesn't demand any stronger authentication, then * the controller can get in with anything. */ goto ok; } if (options->CookieAuthentication) { - int also_password = options->HashedControlPassword != NULL; + int also_password = options->HashedControlPassword != NULL || + options->HashedControlSessionPassword != NULL; if (password_len != AUTHENTICATION_COOKIE_LEN) { if (!also_password) { log_warn(LD_CONTROL, "Got authentication cookie with wrong length " @@ -1062,17 +1064,39 @@ handle_control_authenticate(control_connection_t *conn, uint32_t len, } } - if (options->HashedControlPassword) { + if (options->HashedControlPassword || options->HashedControlSessionPassword) { + int bad = 0; + smartlist_t *sl_tmp; char received[DIGEST_LEN]; int also_cookie = options->CookieAuthentication; - sl = decode_hashed_passwords(options->HashedControlPassword); - if (!sl) { + sl = smartlist_create(); + if (options->HashedControlPassword) { + sl_tmp = decode_hashed_passwords(options->HashedControlPassword); + if (!sl_tmp) + bad = 1; + else { + smartlist_add_all(sl, sl_tmp); + smartlist_free(sl_tmp); + } + } + if (options->HashedControlSessionPassword) { + sl_tmp = decode_hashed_passwords(options->HashedControlSessionPassword); + if (!sl_tmp) + bad = 1; + else { + smartlist_add_all(sl, sl_tmp); + smartlist_free(sl_tmp); + } + } + if (bad) { if (!also_cookie) { log_warn(LD_CONTROL, "Couldn't decode HashedControlPassword: invalid base16"); errstr="Couldn't decode HashedControlPassword value in configuration."; } bad_password = 1; + SMARTLIST_FOREACH(sl, char *, cp, tor_free(cp)); + smartlist_free(sl); } else { SMARTLIST_FOREACH(sl, char *, expected, { diff --git a/src/or/or.h b/src/or/or.h index 28c7bfdbd3..5a0a10d502 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -2258,6 +2258,8 @@ typedef struct { /** Base64-encoded hash of accepted passwords for the control system. */ config_line_t *HashedControlPassword; + /** As HashedControlPassword, but not saved. */ + config_line_t *HashedControlSessionPassword; int CookieAuthentication; /**< Boolean: do we enable cookie-based auth for * the control system? */ |