[or-cvs] [torflow/master 2/8] Added cookie_file parameter to check_dns_rebind

[mikeperry at torproject.org]

Author: John M. Schanck <john at anomos.info>
Date: Sat, 15 May 2010 21:17:01 -0400
Subject: Added cookie_file parameter to check_dns_rebind
Commit: 7b764bc4e6c67efec4a832565a03f0a4d8a7ff7e

---
 NetworkScanners/ExitAuthority/soat.py |    8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/NetworkScanners/ExitAuthority/soat.py b/NetworkScanners/ExitAuthority/soat.py
index 3972cd9..cf6706f 100755
--- a/NetworkScanners/ExitAuthority/soat.py
+++ b/NetworkScanners/ExitAuthority/soat.py
@@ -259,7 +259,7 @@ class ExitScanHandler(ScanSupport.ScanHandler):
     plog('INFO', 'Total bad exits: ' + `len(bad_exits)` + ' (~' + `(len(bad_exits) * 100 / len(routers))` + '%)')
 
   # FIXME: Hrmm is this in the right place?
-  def check_dns_rebind(self):
+  def check_dns_rebind(self, cookie_file):
     '''
     A DNS-rebind attack test that runs in the background and monitors REMAP
     events The test makes sure that external hosts are not resolved to private
@@ -270,8 +270,8 @@ class ExitScanHandler(ScanSupport.ScanHandler):
     try:
       s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
       s.connect((TorUtil.control_host, TorUtil.control_port))
-      c = Connection(s)
-      c.authenticate()
+      c = PathSupport.Connection(s)
+      c.authenticate_cookie(file(cookie_file, "r"))
     except socket.error, e:
       plog('ERROR', 'Couldn\'t connect to the control port')
       plog('ERROR', e)
@@ -2691,7 +2691,7 @@ def main(argv):
 
   # initiate the passive dns rebind attack monitor
   if do_dns_rebind:
-    scanhdlr.check_dns_rebind()
+    scanhdlr.check_dns_rebind(data_dir+"tor/control_auth_cookie")
 
   # check for sketchy exit policies
   if do_consistency:
-- 
1.6.5