Skip to content
GitLab
  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • Tor Tor
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 316
    • Issues 316
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 34
    • Merge requests 34
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • The Tor Project
  • Core
  • TorTor
  • Issues
  • #615
Closed
Open
Created Feb 29, 2008 by edmanm@edmanm

PROTOCOLINFO returns incorrect auth methods when HashedControlPassword is used on command line

Tor 0.2.0.20-rc's response to a PROCOLINFO command fails to include the HASHEDPASSWORD method when a HashedControlPassword is used on the command line. This can be reproduced by starting Tor with the following command:

tor ControlPort 9051 HashedControlPassword 16:09724E2AACEF0B4C60BD49793E3B2F84912034369B6528CCE2815BBE70

The PROTOCOLINFO command then returns the following results:

edmanm@lysithea:~$ telnet localhost 9051
Trying 127.0.0.1...
Connected to localhost.
Escape character is '!^]'.
protocolinfo
250-PROTOCOLINFO 1
250-AUTH METHODS=NULL
250-VERSION Tor="0.2.0.20-rc"
250 OK

Note that the PROTOCOLINFO response claims Tor does not require any authentication, even though the HASHEDPASSWORD method should be included in the AUTH METHODS list.

The following patch fixes the problem:

Index: src/or/control.c

--- src/or/control.c (revision 13776) +++ src/or/control.c (working copy) @@ -2541,7 +2541,8 @@ char *esc_cfile = esc_for_log(cfile); char *methods; {

  •  int passwd = (options->HashedControlPassword != NULL);
  •  int passwd = (options->HashedControlPassword != NULL ||
  •                options->HashedControlSessionPassword != NULL);
     smartlist_t *mlist = smartlist_create();
     if (cookies)
       smartlist_add(mlist, (char*)"COOKIE");

[Automatically added by flyspray2trac: Operating System: All]

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking