Commit f606d74f authored by Roger Dingledine

backport candidate:

- If we require CookieAuthentication but we fail to write the
  cookie file, we would warn but not exit, and end up in a state
  where no controller could authenticate. Now we exit.
- If we require CookieAuthentication, stop generating a new cookie
  every time we change any piece of our config.


svn:r11117
parent 93375d9a
+8 −0
@@ -26,6 +26,14 @@ Changes in version 0.2.0.5-alpha - 2007-??-??
    - Read v3 keys from the right location.
    - Numerous bugfixes to directory voting code.

  o Minor bugfixes (other):
    - If we require CookieAuthentication but we fail to write the
      cookie file, we would warn but not exit, and end up in a state
      where no controller could authenticate. Now we exit.
    - If we require CookieAuthentication, stop generating a new cookie
      every time we change any piece of our config.


Changes in version 0.2.0.4-alpha - 2007-08-01
  o Major security fixes:
    - Close immediately after missing authentication on control port;
+4 −1
@@ -1039,7 +1039,10 @@ options_act(or_options_t *old_options)
  /* Update address policies. */
  policies_parse_from_options(options);

  init_cookie_authentication(options->CookieAuthentication);
  if (init_cookie_authentication(options->CookieAuthentication) < 0) {
    log_warn(LD_CONFIG,"Error creating cookie authentication file.");
    return -1;
  }

  /* reload keys as needed for rendezvous services. */
  if (rend_service_load_keys()<0) {
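
Review bot: the new return -1 in options_act() only delivers the "Now we exit" behaviour from the commit message if every caller treats a failure from options_act() as fatal, and nothing in this hunk shows or states that. A one-line comment at the return saying that the caller is expected to exit would make the intent checkable, since by this point policies_parse_from_options(options) has already run and the options are partly applied. The log_warn(LD_CONFIG, "Error creating cookie authentication file.") here also repeats a failure that init_cookie_authentication() already logs with the file name, so consider dropping it or making it say what happens next.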
+9 −2
@@ -3343,7 +3343,8 @@ control_event_guard(const char *nickname, const char *digest,

/** Choose a random authentication cookie and write it to disk.
 * Anybody who can read the cookie from disk will be considered
 * authorized to use the control connection. */
 * authorized to use the control connection. Return -1 if we can't
 * write the file, or 0 on success. */
int
init_cookie_authentication(int enabled)
{
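
Review bot: the updated doc comment for init_cookie_authentication() says "0 on success" but does not say that 0 is also returned without touching the disk, both when the feature is off and, with the next hunk, when a cookie has already been generated. Documenting the once-per-process behaviour here would tell callers that a 0 return does not mean a file was just written.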
@@ -3354,13 +3355,19 @@ init_cookie_authentication(int enabled)
    return 0;
  }

  /* We don't want to generate a new cookie every time we call
   * options_act(). One should be enough. */
  if (authentication_cookie_is_set)
    return 0; /* all set */

  tor_snprintf(fname, sizeof(fname), "%s"PATH_SEPARATOR"control_auth_cookie",
               get_options()->DataDirectory);
  crypto_rand(authentication_cookie, AUTHENTICATION_COOKIE_LEN);
  authentication_cookie_is_set = 1;
  if (write_bytes_to_file(fname, authentication_cookie,
                          AUTHENTICATION_COOKIE_LEN, 1)) {
    log_warn(LD_FS,"Error writing authentication cookie.");
    log_warn(LD_FS,"Error writing authentication cookie to %s.",
             escaped(fname));
    return -1;
  }
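
Review bot: authentication_cookie_is_set = 1 is assigned before write_bytes_to_file() is attempted, so when the write fails and this function returns -1 the flag stays set, and any later call takes the new "if (authentication_cookie_is_set) return 0; /* all set */" path and reports success with no cookie file on disk. Set the flag only after the write succeeds, or clear it in the error branch, so the function can never report success for a cookie that was not written. The same early return also means the file is not rewritten if get_options()->DataDirectory changes after the first call; if that is intended, the comment above the check should say so.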