[or-cvs] r13543: Partial fix for bug 586: Add an ephemeral __HashedControlSes (in tor/trunk: . doc/spec src/or)

nickm at seul.org nickm at seul.org
Sun Feb 17 18:45:08 UTC 2008 

Author: nickm
Date: 2008-02-17 13:45:07 -0500 (Sun, 17 Feb 2008)
New Revision: 13543

Modified:
   tor/trunk/
   tor/trunk/ChangeLog
   tor/trunk/doc/spec/control-spec.txt
   tor/trunk/src/or/config.c
   tor/trunk/src/or/control.c
   tor/trunk/src/or/or.h
Log:
 r14236 at tombo:  nickm | 2008-02-17 13:44:55 -0500
 Partial fix for bug 586: Add an ephemeral __HashedControlSessionPassword.



Property changes on: tor/trunk
___________________________________________________________________
 svk:merge ticket from /tor/trunk [r14236] on 49666b30-7950-49c5-bedf-9dc8f3168102

Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog	2008-02-17 16:52:24 UTC (rev 13542)
+++ tor/trunk/ChangeLog	2008-02-17 18:45:07 UTC (rev 13543)
@@ -13,6 +13,11 @@
     - Tune parameters for cell pool allocation to minimize amount of
       RAM overhead used.
 
+  o Minor features (controller):
+    - Add a new __HashedControlSessionPassword option for controllers
+      to use for one-off session password hashes that shouldn't get
+      saved to disk by SAVECONF.  Partial fix for bug 586.
+
   o Minor bugfixes:
     - Log the correct memory chunk sizes for empty RAM chunks in mempool.c.
     - Directory mirrors no longer include a guess at the client's IP

Modified: tor/trunk/doc/spec/control-spec.txt
===================================================================
--- tor/trunk/doc/spec/control-spec.txt	2008-02-17 16:52:24 UTC (rev 13542)
+++ tor/trunk/doc/spec/control-spec.txt	2008-02-17 18:45:07 UTC (rev 13543)
@@ -1560,3 +1560,8 @@
 
     (Boolean. Default: "0".)
 
+  __HashedControlSessionPassword
+
+    As HashedControlPassword, but is not saved to the torrc file by
+    SAVECONF.  Added in Tor 0.2.0.20-rc.
+    

Modified: tor/trunk/src/or/config.c
===================================================================
--- tor/trunk/src/or/config.c	2008-02-17 16:52:24 UTC (rev 13542)
+++ tor/trunk/src/or/config.c	2008-02-17 18:45:07 UTC (rev 13543)
@@ -306,6 +306,8 @@
   VAR("__AllDirActionsPrivate",  BOOL,  AllDirActionsPrivate,     "0"),
   VAR("__DisablePredictedCircuits",BOOL,DisablePredictedCircuits, "0"),
   VAR("__LeaveStreamsUnattached",BOOL,  LeaveStreamsUnattached,   "0"),
+  VAR("__HashedControlSessionPassword", LINELIST, HashedControlSessionPassword,
+      NULL),
   V(MinUptimeHidServDirectoryV2, INTERVAL, "24 hours"),
   { NULL, CONFIG_TYPE_OBSOLETE, 0, NULL }
 };
@@ -3155,6 +3157,17 @@
     }
   }
 
+  if (options->HashedControlSessionPassword) {
+    smartlist_t *sl = decode_hashed_passwords(
+                                  options->HashedControlSessionPassword);
+    if (!sl) {
+      REJECT("Bad HashedControlSessionPassword: wrong length or bad encoding");
+    } else {
+      SMARTLIST_FOREACH(sl, char*, cp, tor_free(cp));
+      smartlist_free(sl);
+    }
+  }
+
   if (options->ControlListenAddress) {
     int all_are_local = 1;
     config_line_t *ln;
@@ -3163,7 +3176,9 @@
         all_are_local = 0;
     }
     if (!all_are_local) {
-      if (!options->HashedControlPassword && !options->CookieAuthentication) {
+      if (!options->HashedControlPassword &&
+          !options->HashedControlSessionPassword &&
+          !options->CookieAuthentication) {
         log_warn(LD_CONFIG, "You have a ControlListenAddress set to accept "
                  "connections from a non-local address.  This means that "
                  "any program on the internet can reconfigure your Tor. "
@@ -3179,6 +3194,7 @@
   }
 
   if (options->ControlPort && !options->HashedControlPassword &&
+      !options->HashedControlSessionPassword &&
       !options->CookieAuthentication) {
     log_warn(LD_CONFIG, "ControlPort is open, but no authentication method "
              "has been configured.  This means that any program on your "

Modified: tor/trunk/src/or/control.c
===================================================================
--- tor/trunk/src/or/control.c	2008-02-17 16:52:24 UTC (rev 13542)
+++ tor/trunk/src/or/control.c	2008-02-17 18:45:07 UTC (rev 13543)
@@ -1034,14 +1034,16 @@
     used_quoted_string = 1;
   }
 
-  if (!options->CookieAuthentication && !options->HashedControlPassword) {
+  if (!options->CookieAuthentication && !options->HashedControlPassword &&
+      !options->HashedControlSessionPassword) {
     /* if Tor doesn't demand any stronger authentication, then
      * the controller can get in with anything. */
     goto ok;
   }
 
   if (options->CookieAuthentication) {
-    int also_password = options->HashedControlPassword != NULL;
+    int also_password = options->HashedControlPassword != NULL ||
+      options->HashedControlSessionPassword != NULL;
     if (password_len != AUTHENTICATION_COOKIE_LEN) {
       if (!also_password) {
         log_warn(LD_CONTROL, "Got authentication cookie with wrong length "
@@ -1062,17 +1064,39 @@
     }
   }
 
-  if (options->HashedControlPassword) {
+  if (options->HashedControlPassword || options->HashedControlSessionPassword) {
+    int bad = 0;
+    smartlist_t *sl_tmp;
     char received[DIGEST_LEN];
     int also_cookie = options->CookieAuthentication;
-    sl = decode_hashed_passwords(options->HashedControlPassword);
-    if (!sl) {
+    sl = smartlist_create();
+    if (options->HashedControlPassword) {
+      sl_tmp = decode_hashed_passwords(options->HashedControlPassword);
+      if (!sl_tmp)
+        bad = 1;
+      else {
+        smartlist_add_all(sl, sl_tmp);
+        smartlist_free(sl_tmp);
+      }
+    }
+    if (options->HashedControlSessionPassword) {
+      sl_tmp = decode_hashed_passwords(options->HashedControlSessionPassword);
+      if (!sl_tmp)
+        bad = 1;
+      else {
+        smartlist_add_all(sl, sl_tmp);
+        smartlist_free(sl_tmp);
+      }
+    }
+    if (bad) {
       if (!also_cookie) {
         log_warn(LD_CONTROL,
                  "Couldn't decode HashedControlPassword: invalid base16");
         errstr="Couldn't decode HashedControlPassword value in configuration.";
       }
       bad_password = 1;
+      SMARTLIST_FOREACH(sl, char *, cp, tor_free(cp));
+      smartlist_free(sl);
     } else {
       SMARTLIST_FOREACH(sl, char *, expected,
       {

Modified: tor/trunk/src/or/or.h
===================================================================
--- tor/trunk/src/or/or.h	2008-02-17 16:52:24 UTC (rev 13542)
+++ tor/trunk/src/or/or.h	2008-02-17 18:45:07 UTC (rev 13543)
@@ -2258,6 +2258,8 @@
 
   /** Base64-encoded hash of accepted passwords for the control system. */
   config_line_t *HashedControlPassword;
+  /** As HashedControlPassword, but not saved. */
+  config_line_t *HashedControlSessionPassword;
 
   int CookieAuthentication; /**< Boolean: do we enable cookie-based auth for
                              * the control system? */

More information about the tor-commits mailing list