[tor-commits] [stem/master] Safecookie authentication broken when using python 3

atagar at torproject.org atagar at torproject.org
Mon Mar 25 16:11:16 UTC 2013


commit c75ab2812b90a730e135b5970ff35d431fa2c4a4
Author: Damian Johnson <atagar at torproject.org>
Date:   Mon Mar 25 08:33:57 2013 -0700

    Safecookie authentication broken when using python 3
    
    The os.urandom() provides bytes so there's no need to convert that, but we
    needed to be more careful about using the converted hex in the formatted
    string. It too was bytes, causing an extra embedded b''...
    
    >>> "hello %s" % b"damian"
    "hello b'damian'"
    
    Tor in turn rejected the nonce as being invalid. I don't get why python3 does
    it. With python2 bytes and unicode could both be used in a reasonable fashion
    for formatted strings - these extra characters are almost always undesirable.
    Oh well...
---
 stem/connection.py |    6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/stem/connection.py b/stem/connection.py
index d1aa3e5..1f5a53d 100644
--- a/stem/connection.py
+++ b/stem/connection.py
@@ -119,8 +119,8 @@ from stem.util import log
 
 AuthMethod = stem.util.enum.Enum("NONE", "PASSWORD", "COOKIE", "SAFECOOKIE", "UNKNOWN")
 
-CLIENT_HASH_CONSTANT = "Tor safe cookie authentication controller-to-server hash"
-SERVER_HASH_CONSTANT = "Tor safe cookie authentication server-to-controller hash"
+CLIENT_HASH_CONSTANT = b"Tor safe cookie authentication controller-to-server hash"
+SERVER_HASH_CONSTANT = b"Tor safe cookie authentication server-to-controller hash"
 
 
 def connect_port(address = "127.0.0.1", port = 9051, password = None, chroot_path = None, controller = stem.control.Controller):
@@ -690,7 +690,7 @@ def authenticate_safecookie(controller, cookie_path, suppress_ctl_errors = True)
   client_nonce = os.urandom(32)
 
   try:
-    client_nonce_hex = binascii.b2a_hex(stem.util.str_tools._to_bytes(client_nonce))
+    client_nonce_hex = stem.util.str_tools._to_unicode(binascii.b2a_hex(client_nonce))
     authchallenge_response = _msg(controller, "AUTHCHALLENGE SAFECOOKIE %s" % client_nonce_hex)
 
     if not authchallenge_response.is_ok():



More information about the tor-commits mailing list