[tor-bugs] #15588 [Tor]: Allow client authorization on control port ADD_ONION services

Tor Bug Tracker & Wiki blackhole at torproject.org
Wed Oct 7 13:00:30 UTC 2015


#15588: Allow client authorization on control port ADD_ONION services
-------------------------+-------------------------------------------------
     Reporter:  special  |      Owner:  special
         Type:           |     Status:  needs_revision
  enhancement            |  Milestone:  Tor: 0.2.8.x-final
     Priority:  major    |    Version:
    Component:  Tor      |   Keywords:  hidden-service, control, tor-hs,
   Resolution:           |  028-triaged
Actual Points:           |  Parent ID:  #8993
       Points:  small    |    Sponsor:
-------------------------+-------------------------------------------------
Changes (by nickm):

 * status:  needs_review => needs_revision


Comment:

 9e44364643eba61567249705374579d58836f832 : looks fine still.

 2ac5c5c59cee3ad471eee14995d316988cc909c8 :  I'm glad to see tests here
 now.
    * Suggestion: this code could use base64_encode_nopad() and
 base64_decode_nopad() to handle the padding-stripping part of the logic.
   * I think the ddecode function needs to check the length of
 descriptor_cookie_tmp after decoding it?  The old code does that, right?
   * descriptor_cookie_tmp should probably be of type uint8_t, yeah?

 dce6310a49fb6c0b08a0d5c3220d46834df24d61 : We should add documentation on
 the type of the new auth_clients argument to rend_service_add_ephemeral,
 and document that we take ownership of the reference.

 11575f3be9705ff571eb24c2506f6e83ae284aa9 : Unit tests wouldn't be too hard
 to add here, and would be good for ensuring that we got the code right.

 I'd be happy to do the above, or you could do it.  But if you do it,
 please do it by adding fixup commits to the branch, rather than by
 rewriting the branch, so that I can review *only* the part that changed?

 (Also, how much of this have you tested in the wild, as client and as
 server, with actual authorization types?)

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15588#comment:12>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online


More information about the tor-bugs mailing list