Skip to content
GitLab
Closed
Created by edmanm@edmanm

PROTOCOLINFO returns incorrect auth methods when HashedControlPassword is used on command line

Tor 0.2.0.20-rc's response to a PROCOLINFO command fails to include the HASHEDPASSWORD method when a HashedControlPassword is used on the command line. This can be reproduced by starting Tor with the following command:

tor ControlPort 9051 HashedControlPassword 16:09724E2AACEF0B4C60BD49793E3B2F84912034369B6528CCE2815BBE70

The PROTOCOLINFO command then returns the following results:

edmanm@lysithea:~$ telnet localhost 9051
Trying 127.0.0.1...
Connected to localhost.
Escape character is '!^]'.
protocolinfo
250-PROTOCOLINFO 1
250-AUTH METHODS=NULL
250-VERSION Tor="0.2.0.20-rc"
250 OK

Note that the PROTOCOLINFO response claims Tor does not require any authentication, even though the HASHEDPASSWORD method should be included in the AUTH METHODS list.

The following patch fixes the problem:

Index: src/or/control.c

--- src/or/control.c (revision 13776) +++ src/or/control.c (working copy) @@ -2541,7 +2541,8 @@ char *esc_cfile = esc_for_log(cfile); char *methods; {

  •  int passwd = (options->HashedControlPassword != NULL);
  •  int passwd = (options->HashedControlPassword != NULL ||
  •                options->HashedControlSessionPassword != NULL);
 smartlist_t *mlist = smartlist_create();
 if (cookies)
   smartlist_add(mlist, (char*)"COOKIE");

[Automatically added by flyspray2trac: Operating System: All]

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information