aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorWladimir J. van der Laan <laanwj@gmail.com>2016-03-17 12:49:16 +0100
committerWladimir J. van der Laan <laanwj@gmail.com>2016-06-06 10:38:54 +0200
commit2e494489c35499dbe7891d4c07b4c35b178341d1 (patch)
tree498bfcd9477719b5775f04926a5b40045c409c4d
parent14d6324a248df50cb79fbeb5b60a978687a3b64e (diff)
tor: Change auth order to only use HASHEDPASSWORD if -torpassword
Change authentication order to make it more clear (see #7700). - If the `-torpassword` option is provided, force use of `HASHEDPASSWORD` auth. - Give error message if `-torpassword` provided, but `HASHEDPASSWORD` auth is not available. - Give error message if only `HASHEDPASSWORD` available, but `-torpassword` not given.
-rw-r--r--src/torcontrol.cpp18
1 files changed, 10 insertions, 8 deletions
diff --git a/src/torcontrol.cpp b/src/torcontrol.cpp
index 1c7bc2dbee..6fabe54afe 100644
--- a/src/torcontrol.cpp
+++ b/src/torcontrol.cpp
@@ -574,7 +574,15 @@ void TorController::protocolinfo_cb(TorControlConnection& conn, const TorControl
* password: "password"
*/
std::string torpassword = GetArg("-torpassword", "");
- if (methods.count("NULL")) {
+ if (!torpassword.empty()) {
+ if (methods.count("HASHEDPASSWORD")) {
+ LogPrint("tor", "tor: Using HASHEDPASSWORD authentication\n");
+ boost::replace_all(torpassword, "\"", "\\\"");
+ conn.Command("AUTHENTICATE \"" + torpassword + "\"", boost::bind(&TorController::auth_cb, this, _1, _2));
+ } else {
+ LogPrintf("tor: Password provided with -torpassword, but HASHEDPASSWORD authentication is not available\n");
+ }
+ } else if (methods.count("NULL")) {
LogPrint("tor", "tor: Using NULL authentication\n");
conn.Command("AUTHENTICATE", boost::bind(&TorController::auth_cb, this, _1, _2));
} else if (methods.count("SAFECOOKIE")) {
@@ -595,13 +603,7 @@ void TorController::protocolinfo_cb(TorControlConnection& conn, const TorControl
}
}
} else if (methods.count("HASHEDPASSWORD")) {
- if (!torpassword.empty()) {
- LogPrint("tor", "tor: Using HASHEDPASSWORD authentication\n");
- boost::replace_all(torpassword, "\"", "\\\"");
- conn.Command("AUTHENTICATE \"" + torpassword + "\"", boost::bind(&TorController::auth_cb, this, _1, _2));
- } else {
- LogPrintf("tor: Password authentication required, but no password provided with -torpassword\n");
- }
+ LogPrintf("tor: The only supported authentication mechanism left is password, but no password provided with -torpassword\n");
} else {
LogPrintf("tor: No supported authentication method\n");
}