[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] r13777: The control port should declare that it requires password au (in tor/branches/tor-0_2_0-patches: . src/or)



Author: arma
Date: 2008-02-28 20:43:44 -0500 (Thu, 28 Feb 2008)
New Revision: 13777

Modified:
   tor/branches/tor-0_2_0-patches/ChangeLog
   tor/branches/tor-0_2_0-patches/src/or/control.c
Log:
The control port should declare that it requires password auth
when HashedControlSessionPassword is set too. Patch from Matt Edman;
bugfix on 0.2.0.20-rc. Fixes bug 615.


Modified: tor/branches/tor-0_2_0-patches/ChangeLog
===================================================================
--- tor/branches/tor-0_2_0-patches/ChangeLog	2008-02-28 21:37:39 UTC (rev 13776)
+++ tor/branches/tor-0_2_0-patches/ChangeLog	2008-02-29 01:43:44 UTC (rev 13777)
@@ -1,9 +1,13 @@
 Changes in version 0.2.0.21-rc - 2008-0?-??
-  o Minor bugfixes:
+  o Bugfixes:
+    - The control port should declare that it requires password auth
+      when HashedControlSessionPassword is set too. Patch from Matt Edman;
+      bugfix on 0.2.0.20-rc. Fixes bug 615.
     - Downgrade assert in connection_buckets_decrement() to a log message.
-      This may help us solve bug 614, and in any case will make its symptoms
-      less severe.  Bugfix on 0.2.0.20-rc.
+      This may help us solve bug 614, and in any case will make its
+      symptoms less severe. Bugfix on 0.2.0.20-rc.
 
+
 Changes in version 0.2.0.20-rc - 2008-02-24
   Tor 0.2.0.20-rc is the first release candidate for the 0.2.0 series. It
   makes more progress towards normalizing Tor's TLS handshake, makes
@@ -80,7 +84,8 @@
   o Minor bugfixes (memory leaks and code problems):
     - We were leaking a file descriptor if Tor started with a zero-length
       cached-descriptors file. Patch by freddy77; bugfix on 0.1.2.
-    - Detect size overflow in zlib code. Reported by Dan Kaminsky.
+    - Detect size overflow in zlib code. Reported by Justin Ferguson and
+      Dan Kaminsky.
     - We were comparing the raw BridgePassword entry with a base64'ed
       version of it, when handling a "/tor/networkstatus-bridges"
       directory request. Now compare correctly. Noticed by Veracode.

Modified: tor/branches/tor-0_2_0-patches/src/or/control.c
===================================================================
--- tor/branches/tor-0_2_0-patches/src/or/control.c	2008-02-28 21:37:39 UTC (rev 13776)
+++ tor/branches/tor-0_2_0-patches/src/or/control.c	2008-02-29 01:43:44 UTC (rev 13777)
@@ -2541,7 +2541,8 @@
     char *esc_cfile = esc_for_log(cfile);
     char *methods;
     {
-      int passwd = (options->HashedControlPassword != NULL);
+      int passwd = (options->HashedControlPassword != NULL ||
+                    options->HashedControlSessionPassword != NULL);
       smartlist_t *mlist = smartlist_create();
       if (cookies)
         smartlist_add(mlist, (char*)"COOKIE");