[or-cvs] Implement two flavors of authentication for control connect...
- To: or-cvs@freehaven.net
- Subject: [or-cvs] Implement two flavors of authentication for control connect...
- From: nickm@seul.org (Nick Mathewson)
- Date: Wed, 3 Nov 2004 14:49:06 -0500 (EST)
- Delivered-to: archiver@seul.org
- Delivered-to: or-cvs-outgoing@seul.org
- Delivered-to: or-cvs@seul.org
- Delivery-date: Wed, 03 Nov 2004 14:49:41 -0500
- Reply-to: or-dev@freehaven.net
- Sender: owner-or-cvs@freehaven.net
Update of /home/or/cvsroot/src/or
In directory moria.mit.edu:/tmp/cvs-serv16385/src/or
Modified Files:
config.c control.c main.c or.h
Log Message:
Implement two flavors of authentication for control connections: one for trusted FS, one for untrusted FS.
Index: config.c
===================================================================
RCS file: /home/or/cvsroot/src/or/config.c,v
retrieving revision 1.197
retrieving revision 1.198
diff -u -d -r1.197 -r1.198
--- config.c 3 Nov 2004 18:29:29 -0000 1.197
+++ config.c 3 Nov 2004 19:49:03 -0000 1.198
@@ -101,6 +101,7 @@
VAR("MyFamily", STRING, MyFamily, NULL),
VAR("NodeFamily", LINELIST, NodeFamilies, NULL),
VAR("Group", STRING, Group, NULL),
+ VAR("HashedControlPassword",STRING, HashedControlPassword, NULL),
VAR("HttpProxy", STRING, HttpProxy, NULL),
VAR("HiddenServiceDir", LINELIST, RendConfigLines, NULL),
VAR("HiddenServicePort", LINELIST, RendConfigLines, NULL),
@@ -183,12 +184,13 @@
int i = 1;
while (i < argc-1) {
- if (!strcmp(argv[i],"-f")) {
-// log(LOG_DEBUG,"Commandline: skipping over -f.");
- i += 2; /* this is the config file option. ignore it. */
+ if (!strcmp(argv[i],"-f") ||
+ !strcmp(argv[i],"--hash-password")) {
+ i += 2; /* command-line option with argument. ignore them. */
continue;
} else if (!strcmp(argv[i],"--list-fingerprint")) {
i += 1; /* command-line option. ignore it. */
+ continue;
}
new = tor_malloc(sizeof(struct config_line_t));
@@ -803,7 +805,12 @@
++i;
} else if (!strcmp(argv[i],"--list-fingerprint")) {
options->command = CMD_LIST_FINGERPRINT;
+ } else if (!strcmp(argv[i],"--hash-password")) {
+ options->command = CMD_HASH_PASSWORD;
+ options->command_arg = tor_strdup(argv[i+1]);
+ ++i;
}
+
}
if (using_default_torrc) {
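Review bot: The new `--hash-password` branch reads `argv[i+1]` without checking that an argument follows, so when the flag is the last word on the command line `tor_strdup` would presumably be handed the NULL that terminates argv. The enclosing loop and its bound are outside this hunk, so this needs confirming against the full function, but checking `i+1 < argc` first and reporting a usage error would make the failure explicit. Separately, a password given as a command-line argument is visible to other local users in the process list and tends to end up in shell history; that deserves a sentence in the option's documentation.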
Index: control.c
===================================================================
RCS file: /home/or/cvsroot/src/or/control.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -d -r1.3 -r1.4
--- control.c 3 Nov 2004 18:33:07 -0000 1.3
+++ control.c 3 Nov 2004 19:49:03 -0000 1.4
@@ -47,6 +47,10 @@
static uint32_t global_event_mask = 0;
+#define AUTHENTICATION_COOKIE_LEN 32
+static int authentication_cookie_is_set = 0;
+static char authentication_cookie[AUTHENTICATION_COOKIE_LEN];
+
static void update_global_event_mask(void);
static void send_control_message(connection_t *conn, uint16_t type,
uint16_t len, const char *body);
@@ -216,13 +220,34 @@
static int handle_control_authenticate(connection_t *conn, uint16_t len,
const char *body)
{
- if (0/* XXXX009 NM */) {
- send_control_done(conn);
- conn->state = CONTROL_CONN_STATE_OPEN;
- } else {
- send_control_error(conn, ERR_FAILED_AUTHENTICATION,"Authentication failed");
+ if (len == AUTHENTICATION_COOKIE_LEN &&
+ authentication_cookie_is_set &&
+ !memcmp(authentication_cookie, body, len)) {
+ goto ok;
+ } else if (options.HashedControlPassword) {
+ char expected[S2K_SPECIFIER_LEN+DIGEST_LEN];
+ char received[DIGEST_LEN];
+ if (base64_decode(expected,sizeof(expected),
+ options.HashedControlPassword,
+ strlen(options.HashedControlPassword))<0) {
+ /* XXXX009 NM we should warn sooner. */
+ log_fn(LOG_WARN,"Couldn't decode HashedControlPassword: invalid base64");
+ goto err;
+ }
+ secret_to_key(received,DIGEST_LEN,body,len,expected);
+ if (!memcmp(expected+S2K_SPECIFIER_LEN, received, DIGEST_LEN))
+ goto ok;
}
+
+ err:
+ send_control_error(conn, ERR_FAILED_AUTHENTICATION,"Authentication failed");
+ return 0;
+ ok:
+ log_fn(LOG_INFO, "Authenticated control connection (%d)", conn->s);
+ send_control_done(conn);
+ conn->state = CONTROL_CONN_STATE_OPEN;
return 0;
+
}
int connection_control_finished_flushing(connection_t *conn) {
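Review bot: In the HashedControlPassword branch of handle_control_authenticate the result of `base64_decode` is tested only for `<0`, so a configured value that decodes to fewer than `S2K_SPECIFIER_LEN+DIGEST_LEN` bytes leaves the tail of `expected` uninitialized, and the code then uses it as specifier and digest. Assuming base64_decode returns the decoded length, the check should require the exact size, for example `if (base64_decode(...) != S2K_SPECIFIER_LEN+DIGEST_LEN) { ... goto err; }`. Both `memcmp` calls compare secrets with a routine that may stop at the first differing byte; a comparison whose running time does not depend on where the mismatch occurs is the safer choice for the cookie and the digest. Clearing `received` and `expected` before returning would also keep password-derived material off the stack.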
@@ -391,6 +416,25 @@
send_control_event(EVENT_WARNING, (uint16_t)(len+1), msg);
}
+int init_cookie_authentication(void)
+{
+ char fname[512];
+
+ /* XXXX009 NM add config option to disable this. */
+
+ tor_snprintf(fname, sizeof(fname), "%s/control_auth_cookie",
+ get_data_directory(&options));
+ crypto_rand(authentication_cookie, AUTHENTICATION_COOKIE_LEN);
+ authentication_cookie_is_set = 1;
+ if (write_bytes_to_file(fname, authentication_cookie,
+ AUTHENTICATION_COOKIE_LEN, 1)) {
+ log_fn(LOG_WARN,"Error writing authentication cookie.");
+ return -1;
+ }
+
+ return 0;
+}
+
/*
Local Variabls:
mode:c
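Review bot: init_cookie_authentication sets `authentication_cookie_is_set = 1` before it knows the cookie is usable: the result of `crypto_rand` is not checked, and the flag stays set when `write_bytes_to_file` fails. If crypto_rand can fail and leave the buffer untouched, the zero-filled static array would be accepted as a valid cookie by handle_control_authenticate, so the assignment belongs after a successful write (and after a crypto_rand status check, if it returns one). The cookie is only as secret as the file that holds it; the permissions `write_bytes_to_file` gives `control_auth_cookie` are not visible in this hunk and should be confirmed to restrict it to the Tor user, with a comment here saying so. The return value of `tor_snprintf` is also ignored, so an overlong data directory would silently truncate `fname`.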
Index: main.c
===================================================================
RCS file: /home/or/cvsroot/src/or/main.c,v
retrieving revision 1.351
retrieving revision 1.352
diff -u -d -r1.351 -r1.352
--- main.c 3 Nov 2004 18:33:07 -0000 1.351
+++ main.c 3 Nov 2004 19:49:03 -0000 1.352
@@ -1373,6 +1373,25 @@
}
}
+/** DOCDOC **/
+static void do_hash_password(void)
+{
+
+ char output[256];
+ char key[S2K_SPECIFIER_LEN+DIGEST_LEN];
+
+ crypto_rand(key, S2K_SPECIFIER_LEN-1);
+ key[S2K_SPECIFIER_LEN-1] = (uint8_t)96; /* Hash 64 K of data. */
+ secret_to_key(key+S2K_SPECIFIER_LEN, DIGEST_LEN,
+ options.command_arg, strlen(options.command_arg),
+ key);
+ if (base64_encode(output, sizeof(output), key, sizeof(key))<0) {
+ log_fn(LOG_ERR, "Unable to compute base64");
+ } else {
+ printf("%s",output);
+ }
+}
+
#ifdef MS_WINDOWS_SERVICE
void nt_service_control(DWORD request)
{
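Review bot: The `/** DOCDOC **/` placeholder above do_hash_password should be replaced with a real comment, because handle_control_authenticate in control.c depends on the exact output layout. Something like `/** Hash options.command_arg with a fresh random S2K specifier and print the base64 of specifier+digest, suitable as a HashedControlPassword value. */` matches what the body does. The count byte `96` is explained only by the short inline comment and would read better as a named constant. The function is `void`, so a `base64_encode` failure is logged but cannot be reported to the caller; whether the process exit status reflects it is outside this hunk.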
@@ -1449,6 +1468,9 @@
case CMD_LIST_FINGERPRINT:
do_list_fingerprint();
break;
+ case CMD_HASH_PASSWORD:
+ do_hash_password();
+ break;
default:
log_fn(LOG_ERR, "Illegal command number %d: internal error.",
options.command);
Index: or.h
===================================================================
RCS file: /home/or/cvsroot/src/or/or.h,v
retrieving revision 1.456
retrieving revision 1.457
diff -u -d -r1.456 -r1.457
--- or.h 3 Nov 2004 18:33:07 -0000 1.456
+++ or.h 3 Nov 2004 19:49:03 -0000 1.457
@@ -852,8 +852,10 @@
typedef struct {
/** What should the tor process actually do? */
enum {
- CMD_RUN_TOR=0, CMD_LIST_FINGERPRINT
+ CMD_RUN_TOR=0, CMD_LIST_FINGERPRINT, CMD_HASH_PASSWORD,
} command;
+ const char *command_arg; /**< Argument for command-line option. */
+
struct config_line_t *LogOptions; /**< List of configuration lines
* for logfiles */
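Review bot: `command_arg` is declared `const char *`, yet config.c in this same commit stores a `tor_strdup` result in it, so the struct owns heap memory through a pointer that cannot be freed without a cast. Declaring it `char *command_arg;` and extending the doc comment to say that the options structure owns the string, and that for CMD_HASH_PASSWORD it holds the plaintext password, would make lifetime and sensitivity explicit. The trailing comma after `CMD_HASH_PASSWORD` is valid C99 but not C89, which matters if the tree is still built with older compilers. The struct definition continues outside this hunk.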
@@ -949,6 +951,8 @@
int AccountingMaxKB; /**< How many KB do we allow per accounting
* interval before hibernation? 0 for "never
* hibernate." */
+ char *HashedControlPassword; /**< Base64-encoded hash of a password for
+ * the control system. */
} or_options_t;
/* XXX are these good enough defaults? */
@@ -1241,6 +1245,8 @@
int control_event_bandwidth_used(uint32_t n_read, uint32_t n_written);
void control_event_logmsg(int severity, const char *msg);
+int init_cookie_authentication(void);
+
/********************************* cpuworker.c *****************************/
void cpu_init(void);