Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Tor null auth and listen fixes #2490

Merged
merged 2 commits into from Mar 15, 2019
Merged

Tor null auth and listen fixes #2490

Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
288870f
tor: add support for NULL authentication to controller
aakselrod Jan 17, 2019
66a1502
config: default to listening for p2p on localhost when tor enabled
aakselrod Jan 17, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
19 changes: 15 additions & 4 deletions tor/controller.go
View file
Open in desktop
Expand Up @@ -163,7 +163,7 @@ func parseTorReply(reply string) map[string]string {
}

// authenticate authenticates the connection between the controller and the
// Tor server using the SAFECOOKIE authentication method.
// Tor server using the SAFECOOKIE or NULL authentication method.
func (c *Controller) authenticate() error {
// Before proceeding to authenticate the connection, we'll retrieve
// the authentication cookie of the Tor server. This will be used
Expand All @@ -176,6 +176,13 @@ func (c *Controller) authenticate() error {
"%v", err)
}

// If cookie is empty and there's no error, we have a NULL
// authentication method that we should use instead.
if len(cookie) == 0 {
Roasbeef marked this conversation as resolved.
Show resolved Hide resolved
_, _, err := c.sendCommand("AUTHENTICATE")
return err
}

// Authenticating using the SAFECOOKIE authentication method is a two
// step process. We'll kick off the authentication routine by sending
// the AUTHCHALLENGE command followed by a hex-encoded 32-byte nonce.
Expand Down Expand Up @@ -274,17 +281,21 @@ func (c *Controller) getAuthCookie() ([]byte, error) {
c.version = version

// Ensure that the Tor server supports the SAFECOOKIE authentication
// method.
// method or the NULL method. If NULL, we don't need the cookie info
// below this loop, so we just return.
safeCookieSupport := false
for _, authMethod := range authMethods {
if authMethod == "SAFECOOKIE" {
safeCookieSupport = true
}
if authMethod == "NULL" {
return nil, nil
}
}

if !safeCookieSupport {
return nil, errors.New("the Tor server is currently not " +
"configured for cookie authentication")
"configured for cookie or null authentication")
}

// Read the cookie from the file and ensure it has the correct length.
Expand Down Expand Up @@ -374,7 +385,7 @@ func (c *Controller) ProtocolInfo() ([]string, string, string, error) {
}

cookieFile, ok := info["COOKIEFILE"]
if !ok {
if !ok && !strings.Contains(methods, "NULL") {
return nil, "", "", errors.New("cookie file path not found " +
"in reply")
}
Expand Down