[tor-commits] [tor-launcher/master] Surround plaintext (non-hex) passwords with double quotes.
brade at torproject.org
brade at torproject.org
Tue Apr 9 17:20:53 UTC 2013
commit 30df488037d3c8945ff17b95df5d24625a9467c3
Author: Kathy Brade <brade at torproject.org>
Date: Tue Apr 9 13:20:33 2013 -0400
Surround plaintext (non-hex) passwords with double quotes.
---
src/components/tl-protocol.js | 11 +++++++++--
1 files changed, 9 insertions(+), 2 deletions(-)
diff --git a/src/components/tl-protocol.js b/src/components/tl-protocol.js
index f589472..f760e63 100644
--- a/src/components/tl-protocol.js
+++ b/src/components/tl-protocol.js
@@ -423,8 +423,15 @@ TorProtocolService.prototype =
inStream: inputStream, outStream: outputStream };
// AUTHENTICATE
- var reply = this._sendCommand(conn, "AUTHENTICATE",
- this._strEscape(this.mControlPassword));
+ var pwdArg = this._strEscape(this.mControlPassword);
+ if (pwdArg && (pwdArg.length > 0) && (pwdArg.charAt(0) != '"'))
+ {
+ // Surround non-hex strings with double quotes.
+ const kIsHexRE = /^[A-Fa-f0-9]*$/;
+ if (!kIsHexRE.test(pwdArg))
+ pwdArg = '"' + pwdArg + '"';
+ }
+ var reply = this._sendCommand(conn, "AUTHENTICATE", pwdArg);
if (!this.TorCommandSucceeded(reply))
{
TorLauncherLogger.log(4, "authenticate failed");
More information about the tor-commits
mailing list