[tor-bugs] #4600 [Tor Relay]: Spec doesn't mention password quotes
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Tue Nov 29 22:23:32 UTC 2011
#4600: Spec doesn't mention password quotes
-----------------------+----------------------------------------------------
Reporter: atagar | Owner:
Type: defect | Status: new
Priority: trivial | Milestone:
Component: Tor Relay | Version:
Keywords: easy | Parent:
Points: | Actualpoints:
-----------------------+----------------------------------------------------
Comment(by atagar):
> Is this something you can write a spec patch for?
I can write spec patches for what I think it should be if you'd like.
> I'd have an easier time if you can rephrase the bug in terms of a list
of questions that you want the spec to answer
My first thought when I saw that AUTHENTICATE took a quoted passphrase was
"Hm, guess the passphrase can't contain quotes. Hopefully --hash-password
gives an error when users try to create hashed passphrases with quotes.".
After a bit of experimenting my next thought was "Uhh, are quotes the only
escaped value?".
I'd like the spec to specify...
- when and what escaping is expected for requests
- when and what unescaping should be applied to replies
- a note that says that if there's escaping outside of this then it's
either a tor or spec bug
Cheers! -Damian
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/4600#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list