diff options
author | Wladimir J. van der Laan <laanwj@gmail.com> | 2016-03-17 12:49:16 +0100 |
---|---|---|
committer | Wladimir J. van der Laan <laanwj@gmail.com> | 2016-06-06 10:38:54 +0200 |
commit | 2e494489c35499dbe7891d4c07b4c35b178341d1 (patch) | |
tree | 498bfcd9477719b5775f04926a5b40045c409c4d | |
parent | 14d6324a248df50cb79fbeb5b60a978687a3b64e (diff) |
tor: Change auth order to only use HASHEDPASSWORD if -torpassword
Change authentication order to make it more clear (see #7700).
- If the `-torpassword` option is provided, force use of
`HASHEDPASSWORD` auth.
- Give error message if `-torpassword` provided, but
`HASHEDPASSWORD` auth is not available.
- Give error message if only `HASHEDPASSWORD` available, but
`-torpassword` not given.
-rw-r--r-- | src/torcontrol.cpp | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/src/torcontrol.cpp b/src/torcontrol.cpp index 1c7bc2dbee..6fabe54afe 100644 --- a/src/torcontrol.cpp +++ b/src/torcontrol.cpp @@ -574,7 +574,15 @@ void TorController::protocolinfo_cb(TorControlConnection& conn, const TorControl * password: "password" */ std::string torpassword = GetArg("-torpassword", ""); - if (methods.count("NULL")) { + if (!torpassword.empty()) { + if (methods.count("HASHEDPASSWORD")) { + LogPrint("tor", "tor: Using HASHEDPASSWORD authentication\n"); + boost::replace_all(torpassword, "\"", "\\\""); + conn.Command("AUTHENTICATE \"" + torpassword + "\"", boost::bind(&TorController::auth_cb, this, _1, _2)); + } else { + LogPrintf("tor: Password provided with -torpassword, but HASHEDPASSWORD authentication is not available\n"); + } + } else if (methods.count("NULL")) { LogPrint("tor", "tor: Using NULL authentication\n"); conn.Command("AUTHENTICATE", boost::bind(&TorController::auth_cb, this, _1, _2)); } else if (methods.count("SAFECOOKIE")) { @@ -595,13 +603,7 @@ void TorController::protocolinfo_cb(TorControlConnection& conn, const TorControl } } } else if (methods.count("HASHEDPASSWORD")) { - if (!torpassword.empty()) { - LogPrint("tor", "tor: Using HASHEDPASSWORD authentication\n"); - boost::replace_all(torpassword, "\"", "\\\""); - conn.Command("AUTHENTICATE \"" + torpassword + "\"", boost::bind(&TorController::auth_cb, this, _1, _2)); - } else { - LogPrintf("tor: Password authentication required, but no password provided with -torpassword\n"); - } + LogPrintf("tor: The only supported authentication mechanism left is password, but no password provided with -torpassword\n"); } else { LogPrintf("tor: No supported authentication method\n"); } |