tor: Change auth order to only use password auth if -torpassword #7703

1. 
   laanwj commented at 11:55 AM on March 17, 2016: member

   Change authentication order to make it more clear, and make it possible to use password authentication even though the Tor instance supports cookie auth (see #7700).

   Before:

   • If Tor is configured to allow cookie authentication, always try cookie authentication first. If cookie authentication fails, stop trying.
   • Only if cookie authentication is not supported try password authentication with value of -torpassword (if provided)

   After:

   • If the -torpassword option is provided, force use of password auth.
   • Give error message if -torpassword provided, but password auth is not available.
   • Give error message if only password auth available, but -torpassword not given.
2. laanwj added the label P2P on Mar 17, 2016
3. laanwj cross-referenced this on Mar 17, 2016 from issue Get hidden service address by levino
4. laanwj added the label Needs backport on Mar 17, 2016
5. laanwj renamed this:
   tor: Change auth order to only use HASHEDPASSWORD if -torpassword
   tor: Change auth order to only use password auth if -torpassword
   on Mar 17, 2016
6. laanwj added the label Privacy on Mar 31, 2016
7. in src/torcontrol.cpp:None in 8f5dcbc7e9 outdated

    608 | -                boost::replace_all(torpassword, "\"", "\\\"");
    609 | -                conn.Command("AUTHENTICATE \"" + torpassword + "\"", boost::bind(&TorController::auth_cb, this, _1, _2));
    610 | -            } else {
    611 | -                LogPrintf("tor: Password authentication required, but no password provided with -torpassword\n");
    612 | -            }
    613 | +            LogPrintf("tor: Only hashed password authentication supported, but no password provided with -torpassword\n");
   

   ---

   ---

   

   sipa commented at 7:10 AM on May 17, 2016:

   This seems a bit misleading: couldn't there be supported authentication mechanism left which we don't support? Suggestion: "Only supported remaining authenthentication mechanism left is password, but ..."

   ---

   

   laanwj commented at 6:04 AM on May 26, 2016:

   Agreed, will change the message

8. 
   sipa commented at 7:15 AM on May 17, 2016: member

   Concept ACK

9. 
   gmaxwell commented at 4:09 PM on May 25, 2016: contributor

   Concept ACK

10. laanwj cross-referenced this on Jun 6, 2016 from issue If bitcoind and tor run as different users bitcoind cannot authenticate with tor control by nathaniel-mahieu
11. tor: Change auth order to only use HASHEDPASSWORD if -torpassword

    Change authentication order to make it more clear (see #7700).
    
    - If the `-torpassword` option is provided, force use of
      `HASHEDPASSWORD` auth.
    
    - Give error message if `-torpassword` provided, but
      `HASHEDPASSWORD` auth is not available.
    
    - Give error message if only `HASHEDPASSWORD` available, but
      `-torpassword` not given.

    2e494489c3
12. laanwj force-pushed on Jun 6, 2016
13. 
    sipa commented at 2:27 PM on June 6, 2016: member

    utACK 2e494489c35499dbe7891d4c07b4c35b178341d1

14. laanwj merged this on Jun 8, 2016
15. laanwj closed this on Jun 8, 2016

    ---

16. laanwj referenced this in commit 761cddb690 on Jun 8, 2016
17. laanwj removed the label Needs backport on Sep 26, 2016
18. laanwj added the label Needs backport on Sep 26, 2016
19. laanwj added this to the milestone 0.12.2 on Sep 26, 2016
20. str4d cross-referenced this on Mar 24, 2017 from issue Tor ephemeral hidden services by str4d
21. zkbot referenced this in commit 45faa928ec on Mar 26, 2017
22. codablock referenced this in commit 87ca45b43f on Sep 16, 2017
23. codablock referenced this in commit 85da6b8b02 on Sep 19, 2017
24. codablock referenced this in commit 881d8329ca on Dec 22, 2017
25. fanquake removed the label Needs backport on Mar 7, 2018
26. andvgal referenced this in commit 5d38f22ec9 on Jan 6, 2019
27. bitcoin locked this on Sep 8, 2021

Contributors

laanwjsipagmaxwell

Milestone
0.12.branch