Re: php hex code for cookie authentication to controller?

To: or-talk@xxxxxxxxxxxxx, "Nick Mathewson" <nickm@xxxxxxxxxxxxx>

Subject: Re: php hex code for cookie authentication to controller?

From: "Wesley Kenzie" <wkenzie@xxxxxxxxx>

Date: Tue, 21 Oct 2008 16:29:08 -0700

Delivered-to: archiver@xxxxxxxx

Delivered-to: or-talk-outgoing@xxxxxxxx

Delivered-to: or-talk@xxxxxxxx

Delivery-date: Tue, 21 Oct 2008 19:29:15 -0400

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:to :subject:in-reply-to:mime-version:content-type:references; bh=g+fHuCDr67+ZfNsGHLTm3QQ7X59+19BaLKo9AjCCzQ8=; b=Lc5ztUqV4J1Hd+nyGkQPktXgmxR+RnNuXynxtQJBwdwrSgZDkqQYPVucTRnl+4aLxY q9FCfx8IyN0dxIv0fRAcrouSxEEZBX9nUvuGpoBMwEKPxBMryiy3xrww+t81SVIAj0Jn NjvOt2u+i2Kns+Yerjpi8dFhl6FkAXYrpEQsg=

Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version :content-type:references; b=CtAYC2CtWwAPFm5Pt0AuHlEdRdnDiCYfZMGzjtxlkSX+9ZmwiiY+DUHEzXZw/fnGA7 nXR40tZN0Sb1DVfQOLGieXB6l4VErx8+IVBpVUFGzqxHhJjjYQ7bBiTGfsC2Cc8ijUrK 6aY6/iKSlrCimSHKygmmiQ+Bn7pum/qKmFEe0=

In-reply-to: <20081021215744.GB14878@xxxxxxxxxxxxxx>

References: <918a9e2a0810211152p282ac97bva4efc1840f99a091@xxxxxxxxxxxxxx> <20081021215744.GB14878@xxxxxxxxxxxxxx>

Reply-to: or-talk@xxxxxxxxxxxxx

Sender: owner-or-talk@xxxxxxxxxxxxx

>>What's the actual length of $auth_value? If it's not
>>AUTHENTICATION_COOKIE_LEN (32, I think), that's when I'd expect that
>>error.

Thanks, Nick. The length of $auth_value is 32 though, and the length of bin2hex($auth_value) is 64.

>>Also, I don't know PHP so well, but maybe you should specify 'rb'
>>instead of 'r'.

I do not see that 'rb' is an option in php for the fopen() function ...

. . . . .
Wesley

On Tue, Oct 21, 2008 at 2:57 PM, Nick Mathewson <nickm@xxxxxxxxxxxxx> wrote:

On Tue, Oct 21, 2008 at 11:52:33AM -0700, Wesley Kenzie wrote:
> per 5.1 Authentication in control-spec.txt: "To authenticate, the controller
> must send the contents of this file, encoded in hexadecimal."
>
> Fine, but when using the following in PHP:
>
> $ch = fopen('cookiefilename', 'r');
> $auth_value = fread($ch, 128);
> $send_auth_value = "AUTHENTICATE \"". bin2hex($auth_value) . "\"\r\n";
> $fh = fsockopen('127.0.0.1', controlportnumber);
> fwrite($fh, $send_auth_value);
> $buf = fgets($fh);
>
> ... I get 515 Authentication failed: Wrong length on authentication cookie.

What's the actual length of $auth_value? If it's not
AUTHENTICATION_COOKIE_LEN (32, I think), that's when I'd expect that
error.

Also, I don't know PHP so well, but maybe you should specify 'rb'
instead of 'r'.

--
Nick