test: Add coverage for Tor control `HASHEDPASSWORD` authentication #35292

pull winterrdog wants to merge 1 commits into bitcoin:master from winterrdog:test/torcontrol-hashedpassword-auth changing 1 files +69 −0
  1. winterrdog commented at 6:28 PM on May 14, 2026: none

    this is a tests-only PR aimed at adding functional test coverage for Tor control HASHEDPASSWORD authentication.

    currently, the functional test suite does not explicitly explore this authentication path, which means regressions in tor authentication handling could go unnoticed. for instance incorrectly formatted AUTHENTICATE commands, broken fallback behavior, or authentication attempts being made when no password is configured.

    The 4 tests herein extend the existing mock tor control server to simulate METHODS=HASHEDPASSWORD responses and cover successful authentication with the correct password, failing with an incorrect password, behavior when -torpassword is not set, and cases where the server does not choose to advertise HASHEDPASSWORD as a way of authenticating.

    tested with the test harness:

    ./build/test/functional/test_runner.py ./build/test/functional/feature_torcontrol.py --loglevel=debug --failfast
  2. DrahtBot added the label Tests on May 14, 2026
  3. DrahtBot commented at 6:28 PM on May 14, 2026: contributor

    <!--e57a25ab6845829454e8d69fc972939a-->

    The following sections might be updated with supplementary metadata relevant to reviewers and maintainers.

    <!--006a51241073e994b41acfe9ec718e94-->

    Code Coverage & Benchmarks

    For details see: https://corecheck.dev/bitcoin/bitcoin/pulls/35292.

    <!--021abf342d371248e50ceaed478a90ca-->

    Reviews

    See the guideline for information on the review process. A summary of reviews will appear here.

    <!--5faf32d7da4f0f540f40219e4f7537a3-->

  4. sedited commented at 6:42 PM on May 14, 2026: contributor

    @winterrdog can you re-write the description in your own words without following this LLM-formulaic format? This would give reviewers more confidence that you understand the change.

  5. winterrdog commented at 6:59 PM on May 14, 2026: none

    re-write the description in your own words without following this LLM-formulaic format?

    thanks! done edition (seems like i followed the wrong examples online).

  6. DrahtBot added the label CI failed on May 14, 2026
  7. DrahtBot commented at 7:44 PM on May 14, 2026: contributor

    <!--85328a0da195eb286784d51f73fa0af9-->

    🚧 At least one of the CI tasks failed. <sub>Task lint: https://github.com/bitcoin/bitcoin/actions/runs/25877900203/job/76052468485</sub> <sub>LLM reason (✨ experimental): CI failed due to Python lint errors from ruff (F541: extraneous f-string prefixes) in test/functional/feature_torcontrol.py.</sub>

    <details><summary>Hints</summary>

    Try to run the tests locally, according to the documentation. However, a CI failure may still happen due to a number of reasons, for example:

    • Possibly due to a silent merge conflict (the changes in this pull request being incompatible with the current code in the target branch). If so, make sure to rebase on the latest commit of the target branch.

    • A sanitizer issue, which can only be found by compiling with the sanitizer and running the affected test.

    • An intermittent issue.

    Leave a comment here, if you need help tracking down a confusing failure.

    </details>

  8. winterrdog force-pushed on May 14, 2026
  9. winterrdog force-pushed on May 14, 2026
  10. test: Add HASHEDPASSWORD authentication tests for Tor control
    Add functional test coverage for the HASHEDPASSWORD authentication
method in Bitcoin Core's Tor control protocol implementation.

The Tor control spec (section 3.5) defines HASHEDPASSWORD as one of 3
authentication methods. When a Tor controller advertises HASHEDPASSWORD
support via PROTOCOLINFO, clients must send their password as a quoted
string in the AUTHENTICATE command. These tests verify Bitcoin Core's
torcontrol module correctly implements this protocol flow.

Test scenarios:
- Correct password: Verify AUTHENTICATE sends password as quoted string
  per spec requirement ("AUTHENTICATE \"password\"" format)
- Wrong password: Verify authentication fails with spec-compliant 515
  error and connection stops after failure
- Missing password: Verify no AUTHENTICATE is sent when -torpassword is
  unset, preventing authentication attempts without credentials
- Unsupported method: Verify -torpassword is ignored when Tor does not
  advertise HASHEDPASSWORD support, avoiding unnecessary auth attempts
    f886aa2434
  11. winterrdog force-pushed on May 14, 2026
  12. DrahtBot removed the label CI failed on May 14, 2026
  13. in test/functional/feature_torcontrol.py:303 in f886aa2434 
     298 | +        self.wait_until(lambda: len(mock_tor.received_commands) >= 2, timeout=10)
 299 | +        assert_equal(mock_tor.received_commands[0], "PROTOCOLINFO 1")
 300 | +        assert_equal(mock_tor.received_commands[1], 'AUTHENTICATE "wrong_password"')
 301 | +        # After auth failure, no further commands should be sent and authentication failure should be logged
 302 | +        ensure_for(duration=2, f=lambda: len(mock_tor.received_commands) == 2)
 303 | +        self.wait_until(lambda: any("Authentication failed" in line for line in self.nodes[0].debug_log_path.read_text().splitlines()))
    davidgumberg commented at 11:23 PM on May 14, 2026:

    What is this testing separately from the correct password test?

Contributors
winterrdogDrahtBotsediteddavidgumberg
Labels
Tests
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-05-15 03:12 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me