nihilist/tor
1
0
Fork 0
mirror of https://gitlab.torproject.org/tpo/core/tor.git synced 2024-12-01 08:03:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

Be a bit more verbose in our AUTHENTICATE error messages in the control protocol so the next guy doesn't blame Nick again

Browse Source 
svn:r5245
This commit is contained in:
Peter Palfrader 2005-10-12 19:45:35 +00:00
parent aac738d2be
commit 640211e59a
1 changed files with 9 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/or/control.c
View File

@ -946,6 +946,7 @@ decode_hashed_password(char *buf, const char *hashed)
static int static int
handle_control_authenticate(connection_t *conn, uint32_t len, const char *body) handle_control_authenticate(connection_t *conn, uint32_t len, const char *body)
{ {
int used_quoted_string = 0;
or_options_t *options = get_options(); or_options_t *options = get_options();
char *password; char *password;
size_t password_len; size_t password_len;
@ -959,7 +960,7 @@ handle_control_authenticate(connection_t *conn, uint32_t len, const char *body)
++i; ++i;
password = tor_malloc(i/2 + 1); password = tor_malloc(i/2 + 1);
if (base16_decode(password, i/2+1, body, i)<0) { if (base16_decode(password, i/2+1, body, i)<0) {
connection_write_str_to_buf("551 Invalid hexadecimal encoding\r\n", conn); connection_write_str_to_buf("551 Invalid hexadecimal encoding. Maybe you tried a plain text password? If so, the standard requires you put it in double quotes.\r\n", conn);
tor_free(password); tor_free(password);
return 0; return 0;
} }
@ -969,9 +970,10 @@ handle_control_authenticate(connection_t *conn, uint32_t len, const char *body)
password_len = 0; password_len = 0;
} else { } else {
if (!get_escaped_string(body, len, &password, &password_len)) { if (!get_escaped_string(body, len, &password, &password_len)) {
connection_write_str_to_buf("551 Invalid quoted string\r\n", conn); connection_write_str_to_buf("551 Invalid quoted string. You need to put the password in double quotes.\r\n", conn);
return 0; return 0;
} }
used_quoted_string = 1;
} }
} }
if (options->CookieAuthentication) { if (options->CookieAuthentication) {
@ -983,7 +985,7 @@ handle_control_authenticate(connection_t *conn, uint32_t len, const char *body)
char expected[S2K_SPECIFIER_LEN+DIGEST_LEN]; char expected[S2K_SPECIFIER_LEN+DIGEST_LEN];
char received[DIGEST_LEN]; char received[DIGEST_LEN];
if (decode_hashed_password(expected, options->HashedControlPassword)<0) { if (decode_hashed_password(expected, options->HashedControlPassword)<0) {
log_fn(LOG_WARN,"Couldn't decode HashedControlPassword: invalid base64"); log_fn(LOG_WARN,"Couldn't decode HashedControlPassword: invalid base16");
goto err; goto err;
} }
secret_to_key(received,DIGEST_LEN,password,password_len,expected); secret_to_key(received,DIGEST_LEN,password,password_len,expected);
@ -1001,7 +1003,10 @@ handle_control_authenticate(connection_t *conn, uint32_t len, const char *body)
send_control0_error(conn,ERR_REJECTED_AUTHENTICATION,"Authentication failed"); send_control0_error(conn,ERR_REJECTED_AUTHENTICATION,"Authentication failed");
else { else {
tor_free(password); tor_free(password);
if (used_quoted_string)
connection_write_str_to_buf("515 Authentication failed\r\n", conn); connection_write_str_to_buf("515 Authentication failed\r\n", conn);
else
connection_write_str_to_buf("515 Authentication failed. Maybe you tried a plain text password? If so, the standard requires you put it in double quotes.\r\n", conn);
} }
return 0; return 0;
ok: ok: