tor: Change auth order to only use password auth if -torpassword #7703

pull laanwj wants to merge 1 commits into bitcoin:master from laanwj:2016_03_auth_order changing 1 files +10 −8
  1. laanwj commented at 11:55 am on March 17, 2016: member

    Change authentication order to make it more clear, and make it possible to use password authentication even though the Tor instance supports cookie auth (see #7700).

    Before:

    • If Tor is configured to allow cookie authentication, always try cookie authentication first. If cookie authentication fails, stop trying.
    • Only if cookie authentication is not supported try password authentication with value of -torpassword (if provided)

    After:

    • If the -torpassword option is provided, force use of password auth.
    • Give error message if -torpassword provided, but password auth is not available.
    • Give error message if only password auth available, but -torpassword not given.
  2. laanwj added the label P2P on Mar 17, 2016
  3. laanwj added the label Needs backport on Mar 17, 2016
  4. laanwj renamed this:
    tor: Change auth order to only use HASHEDPASSWORD if -torpassword
    tor: Change auth order to only use password auth if -torpassword
    on Mar 17, 2016
  5. laanwj added the label Privacy on Mar 31, 2016
  6. in src/torcontrol.cpp: in 8f5dcbc7e9 outdated
    608-                boost::replace_all(torpassword, "\"", "\\\"");
    609-                conn.Command("AUTHENTICATE \"" + torpassword + "\"", boost::bind(&TorController::auth_cb, this, _1, _2));
    610-            } else {
    611-                LogPrintf("tor: Password authentication required, but no password provided with -torpassword\n");
    612-            }
    613+            LogPrintf("tor: Only hashed password authentication supported, but no password provided with -torpassword\n");
    


    sipa commented at 7:10 am on May 17, 2016:
    This seems a bit misleading: couldn’t there be supported authentication mechanism left which we don’t support? Suggestion: “Only supported remaining authenthentication mechanism left is password, but …”

    laanwj commented at 6:04 am on May 26, 2016:
    Agreed, will change the message
  7. sipa commented at 7:15 am on May 17, 2016: member
    Concept ACK
  8. gmaxwell commented at 4:09 pm on May 25, 2016: contributor
    Concept ACK
  9. tor: Change auth order to only use HASHEDPASSWORD if -torpassword
    Change authentication order to make it more clear (see #7700).
    
    - If the `-torpassword` option is provided, force use of
      `HASHEDPASSWORD` auth.
    
    - Give error message if `-torpassword` provided, but
      `HASHEDPASSWORD` auth is not available.
    
    - Give error message if only `HASHEDPASSWORD` available, but
      `-torpassword` not given.
    2e494489c3
  10. laanwj force-pushed on Jun 6, 2016
  11. sipa commented at 2:27 pm on June 6, 2016: member
    utACK 2e494489c35499dbe7891d4c07b4c35b178341d1
  12. laanwj merged this on Jun 8, 2016
  13. laanwj closed this on Jun 8, 2016

  14. laanwj referenced this in commit 761cddb690 on Jun 8, 2016
  15. laanwj removed the label Needs backport on Sep 26, 2016
  16. laanwj added the label Needs backport on Sep 26, 2016
  17. laanwj added this to the milestone 0.12.2 on Sep 26, 2016
  18. zkbot referenced this in commit 45faa928ec on Mar 26, 2017
  19. codablock referenced this in commit 87ca45b43f on Sep 16, 2017
  20. codablock referenced this in commit 85da6b8b02 on Sep 19, 2017
  21. codablock referenced this in commit 881d8329ca on Dec 22, 2017
  22. fanquake removed the label Needs backport on Mar 7, 2018
  23. andvgal referenced this in commit 5d38f22ec9 on Jan 6, 2019
  24. MarcoFalke locked this on Sep 8, 2021


laanwj sipa gmaxwell

Labels
P2P Privacy

Milestone
0.12.branch


github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-12-21 15:12 UTC

This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me