[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[or-cvs] [torflow/master 2/8] Added cookie_file parameter to check_dns_rebind
Author: John M. Schanck <john@xxxxxxxxxxx>
Date: Sat, 15 May 2010 21:17:01 -0400
Subject: Added cookie_file parameter to check_dns_rebind
Commit: 7b764bc4e6c67efec4a832565a03f0a4d8a7ff7e
---
NetworkScanners/ExitAuthority/soat.py | 8 ++++----
1 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/NetworkScanners/ExitAuthority/soat.py b/NetworkScanners/ExitAuthority/soat.py
index 3972cd9..cf6706f 100755
--- a/NetworkScanners/ExitAuthority/soat.py
+++ b/NetworkScanners/ExitAuthority/soat.py
@@ -259,7 +259,7 @@ class ExitScanHandler(ScanSupport.ScanHandler):
plog('INFO', 'Total bad exits: ' + `len(bad_exits)` + ' (~' + `(len(bad_exits) * 100 / len(routers))` + '%)')
# FIXME: Hrmm is this in the right place?
- def check_dns_rebind(self):
+ def check_dns_rebind(self, cookie_file):
'''
A DNS-rebind attack test that runs in the background and monitors REMAP
events The test makes sure that external hosts are not resolved to private
@@ -270,8 +270,8 @@ class ExitScanHandler(ScanSupport.ScanHandler):
try:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((TorUtil.control_host, TorUtil.control_port))
- c = Connection(s)
- c.authenticate()
+ c = PathSupport.Connection(s)
+ c.authenticate_cookie(file(cookie_file, "r"))
except socket.error, e:
plog('ERROR', 'Couldn\'t connect to the control port')
plog('ERROR', e)
@@ -2691,7 +2691,7 @@ def main(argv):
# initiate the passive dns rebind attack monitor
if do_dns_rebind:
- scanhdlr.check_dns_rebind()
+ scanhdlr.check_dns_rebind(data_dir+"tor/control_auth_cookie")
# check for sketchy exit policies
if do_consistency:
--
1.6.5