[or-cvs] r11038: Warn about unsafe ControlPort configurations. (in tor/trunk: . src/or)
Author: nickm
Date: 2007-08-02 17:03:40 -0400 (Thu, 02 Aug 2007)
New Revision: 11038
Modified:
tor/trunk/
tor/trunk/ChangeLog
tor/trunk/src/or/config.c
Log:
r13919@Kushana: nickm | 2007-08-02 10:58:31 -0700
Warn about unsafe ControlPort configurations.
Property changes on: tor/trunk
___________________________________________________________________
svk:merge ticket from /tor/trunk [r13919] on c95137ef-5f19-0410-b913-86e773d04f59
Modified: tor/trunk/ChangeLog
===================================================================
--- tor/trunk/ChangeLog 2007-08-02 17:30:42 UTC (rev 11037)
+++ tor/trunk/ChangeLog 2007-08-02 21:03:40 UTC (rev 11038)
@@ -2,7 +2,10 @@
o Major bugfixes (compilation):
- Try to fix win32 compilation again: Improve checking for ipv6 types.
+ o Minor featuers (security):
+ - Warn about unsafe ControlPort configurations.
+
Changes in version 0.2.0.4-alpha - 2007-08-01
o Major security fixes:
- Close immediately after missing authentication on control port;
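Review bot: The added heading is misspelled: "Minor featuers (security)" should read "Minor features (security)". The entry also understates the change. Per the config.c hunk, Tor now sets ControlPort to 0 when a non-local ControlListenAddress is configured without HashedControlPassword or CookieAuthentication, so the ChangeLog line should say that the port is closed in that case, not only that a warning is logged.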
Modified: tor/trunk/src/or/config.c
===================================================================
--- tor/trunk/src/or/config.c 2007-08-02 17:30:42 UTC (rev 11037)
+++ tor/trunk/src/or/config.c 2007-08-02 21:03:40 UTC (rev 11038)
@@ -2884,6 +2884,37 @@
if (options->HashedControlPassword && options->CookieAuthentication)
REJECT("Cannot set both HashedControlPassword and CookieAuthentication");
+ if (options->ControlListenAddress) {
+ int all_are_local = 1;
+ config_line_t *ln;
+ for (ln = options->ControlListenAddress; ln; ln = ln->next) {
+ if (strcmpstart(ln->value, "127."))
+ all_are_local = 0;
+ }
+ if (!all_are_local) {
+ if (!options->HashedControlPassword && !options->CookieAuthentication) {
+ log_warn(LD_CONFIG, "You have a ControlListenAddress set to accept "
+ "connections from a non-local address. This means that "
+ "any program on the internet can reconfigure your Tor. "
+ "That's so bad that I'm closing your ControlPort for you.");
+ options->ControlPort = 0;
+ } else {
+ log_warn(LD_CONFIG, "You have a ControlListenAddress set to accept "
+ "connections from a non-local address. This means that "
+ "programs not running on your computer can reconfigure your "
+ "Tor. That's pretty bad!");
+ }
+ }
+ }
+
+ if (options->ControlPort && !options->HashedControlPassword &&
+ !options->CookieAuthentication) {
+ log_warn(LD_CONFIG, "ControlPort is open, but no authentication method "
+ "has been configured. This means that any program on your "
+ "computer can reconfigure your Tor. That's bad! You should "
+ "upgrade your Tor controller as soon as possible.");
+ }
+
if (options->UseEntryGuards && ! options->NumEntryGuards)
REJECT("Cannot enable UseEntryGuards with NumEntryGuards set to 0");
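Review bot: The locality test in the ControlListenAddress loop, strcmpstart(ln->value, "127."), is a textual prefix match on the configured string rather than a check on a parsed address. Any value that begins with "127." counts as local whatever follows it, and any loopback spelling that does not begin with "127." is treated as non-local, which in the unauthenticated branch silently zeroes ControlPort. Suggest parsing each entry to an address and testing whether it is loopback, and breaking out of the loop once all_are_local is cleared. Two smaller points: this block runs even when options->ControlPort is already 0, so the "closing your ControlPort" warning can appear with no port open, and guarding the outer if on options->ControlPort would avoid that. The final warning tells the user to upgrade their controller but does not name HashedControlPassword or CookieAuthentication as the settings to enable.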