[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [vidalia/alpha] Check that the auth cookie size is exactly 32bytes

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [vidalia/alpha] Check that the auth cookie size is exactly 32bytes
From: chiiph@xxxxxxxxxxxxxx
Date: Sat, 24 Dec 2011 22:02:49 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 24 Dec 2011 17:03:02 -0500
List-archive: <http://lists.torproject.org/pipermail/tor-commits>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: code repository commits <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: Tomás Touceda <chiiph@xxxxxxxxxxxxxx>
Sender: tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx

commit 708ac9ccd9a1491775064f5b4680074dca8a254d
Author: TomÃ¡s Touceda <chiiph@xxxxxxxxxxxxxx>
Date:   Sat Dec 24 18:32:14 2011 -0300

    Check that the auth cookie size is exactly 32bytes
---
 changes/bug4304            |    2 ++
 src/vidalia/MainWindow.cpp |    5 +++++
 2 files changed, 7 insertions(+), 0 deletions(-)

diff --git a/changes/bug4304 b/changes/bug4304
new file mode 100644
index 0000000..cc48e7e
--- /dev/null
+++ b/changes/bug4304
@@ -0,0 +1,2 @@
+  o Check that the authentication-cookie file length is exactly 32
+    bytes long. Fixes bug 4304.
\ No newline at end of file
diff --git a/src/vidalia/MainWindow.cpp b/src/vidalia/MainWindow.cpp
index 6e5c96d..183e78f 100644
--- a/src/vidalia/MainWindow.cpp
+++ b/src/vidalia/MainWindow.cpp
@@ -1289,6 +1289,11 @@ MainWindow::tryCookie(const ProtocolInfo &pi)
     cookieDir = QFileInfo(cookieDir).absolutePath();
     cookie = loadControlCookie(cookieDir);
   }
+  if(cookie.size() != 32) {
+    vWarn(QString("Cookie length has to be exactly 32 bytes long. Found %s bytes")
+          .arg(cookie.size()));
+    return false;
+  }
   vNotice("Authenticating using 'cookie' authentication.");
   return _torControl->authenticate(cookie);
 }

_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [vidalia/alpha] Add more checks to the plugin engine
Next by Author: [tor-commits] [vidalia/master] Actually disable AutoControl setting
Previous by thread: [tor-commits] r25269: {website} TBB doesn't make it easy to allow flash at all. Mention yout (website/trunk/download/en)
Next by thread: [tor-commits] r25270: {website} Add bullet titles for each warning bullet, so the list can b (website/trunk/download/en)
Index(es):
- Author
- Thread