[tor-commits] [flashproxy/master] Auth cookie reading.
dcf at torproject.org
dcf at torproject.org
Sun Feb 3 03:40:13 UTC 2013
commit 8d706d50fbf1671026a470c36df0c79e0ed93eb8
Author: David Fifield <david at bamsoftware.com>
Date: Tue Jan 29 09:38:28 2013 -0800
Auth cookie reading.
---
websocket-transport/pt.go | 30 ++++++++++++++++++++++++++++++
1 files changed, 30 insertions(+), 0 deletions(-)
diff --git a/websocket-transport/pt.go b/websocket-transport/pt.go
index d5435fa..1f3f283 100644
--- a/websocket-transport/pt.go
+++ b/websocket-transport/pt.go
@@ -26,7 +26,9 @@ package main
import (
"bytes"
+ "errors"
"fmt"
+ "io"
"net"
"os"
"strings"
@@ -262,8 +264,36 @@ func getServerBindAddrs(methodNames []string) []PtBindAddr {
// Reads and validates the contents of an auth cookie file. Returns the 32-byte
// cookie. See section 4.2.1.2 of pt-spec.txt.
func readAuthCookieFile(filename string) ([]byte, error) {
+ authCookieHeader := []byte("! Extended ORPort Auth Cookie !\x0a")
+ header := make([]byte, 32)
cookie := make([]byte, 32)
+ f, err := os.Open(filename)
+ if err != nil {
+ return cookie, err
+ }
+ defer f.Close()
+
+ n, err := io.ReadFull(f, header)
+ if err != nil {
+ return cookie, err
+ }
+ n, err = io.ReadFull(f, cookie)
+ if err != nil {
+ return cookie, err
+ }
+ // Check that the file ends here.
+ n, err = f.Read(make([]byte, 1))
+ if n != 0 {
+ return cookie, errors.New(fmt.Sprintf("file is longer than 64 bytes"))
+ } else if err != io.EOF {
+ return cookie, errors.New(fmt.Sprintf("did not find EOF at end of file"))
+ }
+
+ if !bytes.Equal(header, authCookieHeader) {
+ return cookie, errors.New(fmt.Sprintf("missing auth cookie header"))
+ }
+
return cookie, nil
}
More information about the tor-commits
mailing list