[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #3958 [Torctl]: pytorctl should learn to try both CookieAuth and PasswordAuth



#3958: pytorctl should learn to try both CookieAuth and PasswordAuth
--------------------+-------------------------------------------------------
 Reporter:  arma    |          Owner:  atagar  
     Type:  defect  |         Status:  assigned
 Priority:  normal  |      Milestone:          
Component:  Torctl  |        Version:          
 Keywords:          |         Parent:          
   Points:          |   Actualpoints:          
--------------------+-------------------------------------------------------

Comment(by rransom):

 Replying to [comment:1 atagar]:
 > Not quite. TorCtl tries the *first* authentication type present in the
 'METHODS=' entry. Iirc this is COOKIE if both are offered so it'll have
 the same issue that's discussed in 3898.
 >
 > When both are offered we should:
 > 1. try the password if we already have it at that point in execution
 (ie, it's an arg to connect)
 > 2. attempt to read the cookie file and use that
 > 3. prompt the user for a password
 >
 > This attempts in order of relative attempt speed, prompting the user as
 a last resort.

 How can we ensure that bandwidth authorities, exit scanners, and other
 unattended processes that use PyTorCtl never try to 'prompt the user for a
 password'?  (That would cause Nagios scripts to think that the process is
 running, even if it's doing nothing.)

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3958#comment:2>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs