[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-commits] [torspec/master] Clarify control port authentication.

To: tor-commits@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-commits] [torspec/master] Clarify control port authentication.
From: nickm@xxxxxxxxxxxxxx
Date: Wed, 10 Aug 2011 17:09:38 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 10 Aug 2011 13:09:52 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-commits>
List-help: <mailto:tor-commits-request@lists.torproject.org?subject=help>
List-id: code repository commits <tor-commits.lists.torproject.org>
List-post: <mailto:tor-commits@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-commits>, <mailto:tor-commits-request@lists.torproject.org?subject=unsubscribe>
Patch-author: Mike Perry <mikeperry-git@xxxxxxxxxx>
Sender: tor-commits-bounces@xxxxxxxxxxxxxxxxxxxx

commit 043051b79f929b39d77eb1520b4fc65a721e85ae
Author: Mike Perry <mikeperry-git@xxxxxxxxxx>
Date:   Wed Aug 10 09:58:42 2011 -0700

    Clarify control port authentication.
    
    Encoded hex strings are useful, but the previous revision conflated them
    with how the tor implementations stores them on disk.
---
 control-spec.txt |   10 +++++++---
 1 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/control-spec.txt b/control-spec.txt
index 160adf4..4aba1fa 100644
--- a/control-spec.txt
+++ b/control-spec.txt
@@ -293,14 +293,18 @@
 3.5. AUTHENTICATE
 
   Sent from the client to the server.  The syntax is:
-     "AUTHENTICATE" [ SP 1*HEXDIG / QuotedString ] CRLF
+     "AUTHENTICATE" [ SP N*HEXDIG / QuotedString ] CRLF
 
   The server responds with "250 OK" on success or "515 Bad authentication" if
   the authentication cookie is incorrect.  Tor closes the connection on an
   authentication failure.
 
-  The format of the 'cookie' is implementation-dependent; see 5.1 below for
-  information on how the standard Tor implementation handles it.
+  The authentication token can be specified as either a quoted ASCII string,
+  or as an unquoted hexadecimal encoding of that same string (to avoid escaping
+  issues).
+
+  For information on how the implementation securely stores authentication
+  information on disk, see section 5.1.
 
   Before the client has authenticated, no command other than PROTOCOLINFO,
   AUTHENTICATE, or QUIT is valid.  If the controller sends any other command,



_______________________________________________
tor-commits mailing list
tor-commits@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-commits

Prev by Author: [tor-commits] [tor/master] Make FooPort 0 correctly disable the FooPort.
Next by Author: [tor-commits] [torspec/master] DIAF RFC2234.
Previous by thread: [tor-commits] [arm/master] Adding tor control socket support
Next by thread: [tor-commits] [torspec/master] DIAF RFC2234.
Index(es):
- Author
- Thread