[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[vidalia-svn] r2171: Don't save the randomly generated control password. (in trunk: . src/config src/gui)
Author: edmanm
Date: 2007-12-04 12:39:46 -0500 (Tue, 04 Dec 2007)
New Revision: 2171
Modified:
trunk/
trunk/src/config/torsettings.cpp
trunk/src/config/torsettings.h
trunk/src/gui/mainwindow.cpp
trunk/src/gui/mainwindow.h
Log:
r2214@lysithea: edmanm | 2007-12-04 12:39:32 -0500
Don't save the randomly generated control password.
Property changes on: trunk
___________________________________________________________________
svk:merge ticket from /local/vidalia/trunk [r2214] on 0108964c-5b0b-4c9e-969f-e2288315d100
Modified: trunk/src/config/torsettings.cpp
===================================================================
--- trunk/src/config/torsettings.cpp 2007-12-04 17:39:35 UTC (rev 2170)
+++ trunk/src/config/torsettings.cpp 2007-12-04 17:39:46 UTC (rev 2171)
@@ -27,13 +27,12 @@
#include <QDir>
#include <QProcess>
-#include <util/file.h>
-#include <util/crypto.h>
+#include <crypto.h>
#include <vidalia.h>
#if defined(Q_OS_WIN32)
#include <QFileInfo>
-#include <util/win32.h>
+#include <win32.h>
#endif
#include "torsettings.h"
@@ -110,11 +109,11 @@
conf.insert(TOR_ARG_HASHED_PASSWORD, "");
break;
case PasswordAuth:
- if (useRandomPassword())
- setControlPassword(generateRandomPassword());
conf.insert(TOR_ARG_COOKIE_AUTH, "0");
conf.insert(TOR_ARG_HASHED_PASSWORD,
- hashPassword(getControlPassword()));
+ useRandomPassword()
+ ? hashPassword(randomPassword())
+ : hashPassword(getControlPassword()));
break;
default:
conf.insert(TOR_ARG_COOKIE_AUTH, "0");
@@ -152,60 +151,6 @@
setValue(SETTING_TOR_EXECUTABLE, torExecutable);
}
-/** Returns a formatted QString of all currently set command-line arguments.
- * If an argument's value contains a space, then it will be wrapped in quotes.
- * */
-QStringList
-TorSettings::getArguments()
-{
- QStringList args;
-
- /* Add the torrc argument (if specified) */
- QString torrc = getTorrc();
- if (!torrc.isEmpty())
- args << TOR_ARG_TORRC << expand_filename(torrc);
-
- /* Specify the location to use for Tor's data directory, if different from
- * the default. */
- QString dataDirectory = getDataDirectory();
- if (!dataDirectory.isEmpty())
- args << TOR_ARG_DATA_DIRECTORY << expand_filename(dataDirectory);
-
- /* Add the ControlPort value */
- quint16 controlPort = getControlPort();
- if (controlPort)
- args << TOR_ARG_CONTROL_PORT << QString::number(controlPort);
-
- /* Add the control port authentication argument */
- AuthenticationMethod authMethod = getAuthenticationMethod();
- if (authMethod == PasswordAuth) {
- if (useRandomPassword())
- setControlPassword(generateRandomPassword());
-
- QString password = getControlPassword();
- args << TOR_ARG_HASHED_PASSWORD << hashPassword(password);
- args << TOR_ARG_COOKIE_AUTH << "0";
- } else if (authMethod == CookieAuth) {
- args << TOR_ARG_COOKIE_AUTH << "1";
- args << TOR_ARG_HASHED_PASSWORD << "";
- } else {
- args << TOR_ARG_COOKIE_AUTH << "0";
- args << TOR_ARG_HASHED_PASSWORD << "";
- }
-
- /* Add the User argument (if specified) */
- QString user = getUser();
- if (!user.isEmpty())
- args << TOR_ARG_USER << user;
-
- /* Add the Group argument (if specified) */
- QString group = getGroup();
- if (!group.isEmpty())
- args << TOR_ARG_GROUP << group;
-
- return args;
-}
-
/** Returns the torrc that will be used when starting Tor. */
QString
TorSettings::getTorrc()
@@ -381,7 +326,7 @@
/** Generates a random control password consisting of PASSWORD_LEN characters. */
QString
-TorSettings::generateRandomPassword()
+TorSettings::randomPassword()
{
return crypto_rand_string(PASSWORD_LEN);
}
@@ -389,8 +334,9 @@
/** Returns the hash of <b>password</b> as given by the command "tor
* --hash-password foo". */
QString
-TorSettings::hashPassword(QString password)
+TorSettings::hashPassword(const QString &password)
{
+ TorSettings settings;
QProcess tor;
QString dataDirectory, line;
QStringList args;
@@ -398,14 +344,14 @@
/* Tor writes its state file even if all we're doing is --hash-password. So
* if the user has configured a non-default data directory, then include
* that in the list of command line arguments. */
- dataDirectory = getDataDirectory();
+ dataDirectory = settings.getDataDirectory();
if (!dataDirectory.isEmpty())
args << "DataDirectory" << dataDirectory;
args << "--hash-password" << password;
/* Run Tor, tell it to hash the given password, and then wait for it to
* finish. */
- tor.start(getExecutable(), args);
+ tor.start(settings.getExecutable(), args);
if (!tor.waitForStarted() || !tor.waitForFinished())
return QString();
Modified: trunk/src/config/torsettings.h
===================================================================
--- trunk/src/config/torsettings.h 2007-12-04 17:39:35 UTC (rev 2170)
+++ trunk/src/config/torsettings.h 2007-12-04 17:39:46 UTC (rev 2171)
@@ -61,9 +61,6 @@
/** Sets the location to use for Tor's data directory. */
void setDataDirectory(QString dataDir);
- /** Builds and formats a list of command-line arguments. */
- QStringList getArguments();
-
/** Gets the torrc to use when starting Tor. */
QString getTorrc();
/** Sets the torrc to use when starting Tor. */
@@ -108,6 +105,13 @@
/** Set which group will be used to run Tor. */
void setGroup(QString group);
+ /** Generates a random control password consisting of PASSWORD_LEN
+ * characters. */
+ static QString randomPassword();
+ /** Returns the hash of <b>password</b> as given by the command
+ * "tor --hash-password foo". */
+ static QString hashPassword(const QString &password);
+
private:
/** Returns the AuthenticationMethod enum value for the string
* description of the authentication method given in <b>authMethod</b>. */
@@ -116,12 +120,6 @@
* <b>method</b>. The authentication method string is stored in Vidalia's
* configuration file. */
QString toString(AuthenticationMethod type);
- /** Generates a random control password consisting of PASSWORD_LEN
- * characters. */
- QString generateRandomPassword();
- /** Returns the hash of <b>password</b> as given by the command
- * "tor --hash-password foo". */
- QString hashPassword(QString password);
};
#endif
Modified: trunk/src/gui/mainwindow.cpp
===================================================================
--- trunk/src/gui/mainwindow.cpp 2007-12-04 17:39:35 UTC (rev 2170)
+++ trunk/src/gui/mainwindow.cpp 2007-12-04 17:39:46 UTC (rev 2171)
@@ -32,10 +32,10 @@
#include <QtGui>
#include <QTimer>
#include <vidalia.h>
-#include <util/file.h>
-#include <util/html.h>
-#include <util/stringutil.h>
-#include <util/net.h>
+#include <file.h>
+#include <html.h>
+#include <stringutil.h>
+#include <net.h>
#include <QSysInfo>
#include "common/vmessagebox.h"
@@ -523,6 +523,7 @@
MainWindow::start()
{
TorSettings settings;
+ QStringList args;
updateTorStatus(Starting);
@@ -535,8 +536,49 @@
/* Make sure the torrc we want to use really exists. */
QString torrc = settings.getTorrc();
- if (!torrc.isEmpty() && !QFileInfo(torrc).exists())
- touch_file(torrc, true);
+ if (!torrc.isEmpty()) {
+ if (!QFileInfo(torrc).exists())
+ touch_file(torrc, true);
+ args << "-f" << torrc;
+ }
+
+ /* Specify Tor's data directory, if different from the default */
+ QString dataDirectory = settings.getDataDirectory();
+ if (!dataDirectory.isEmpty())
+ args << "DataDirectory" << expand_filename(dataDirectory);
+
+ /* Add the intended control port value */
+ quint16 controlPort = settings.getControlPort();
+ if (controlPort)
+ args << "ControlPort" << QString::number(controlPort);
+
+ /* Add the control port authentication arguments */
+ switch (settings.getAuthenticationMethod()) {
+ case TorSettings::PasswordAuth:
+ if (settings.useRandomPassword())
+ _controlPassword = TorSettings::randomPassword();
+ else
+ _controlPassword = settings.getControlPassword();
+ args << "HashedControlPassword"
+ << TorSettings::hashPassword(_controlPassword)
+ << "CookieAuthentication" << "0";
+ break;
+ case TorSettings::CookieAuth:
+ args << "CookieAuthentication" << "1"
+ << "HashedControlPassword" << "";
+ break;
+ default:
+ args << "CookieAuthentication" << "0"
+ << "HashedControlPassword" << "";
+ }
+
+ /* Add custom user and group information (if specified) */
+ QString user = settings.getUser();
+ if (!user.isEmpty())
+ args << "User" << user;
+ QString group = settings.getGroup();
+ if (!group.isEmpty())
+ args << "Group" << group;
/* This doesn't get set to false until Tor is actually up and running, so we
* don't yell at users twice if their Tor doesn't even start, due to the fact
@@ -544,7 +586,7 @@
* start. */
_isIntentionalExit = true;
/* Kick off the Tor process */
- _torControl->start(settings.getExecutable(), settings.getArguments());
+ _torControl->start(settings.getExecutable(), args);
}
/** Called when the Tor process fails to start, for example, because the path
@@ -796,8 +838,7 @@
} else if (authMethod == TorSettings::PasswordAuth) {
/* Get the control password and send it to Tor */
vNotice("Authenticating using 'hashed password' authentication.");
- QString password = settings.getControlPassword();
- return _torControl->authenticate(password);
+ return _torControl->authenticate(_controlPassword);
}
/* No authentication. Send an empty password. */
vNotice("Authenticating using 'null' authentication.");
@@ -857,6 +898,8 @@
tr("Please enter your control password (not the hash):"),
QLineEdit::Password);
if (!password.isEmpty()) {
+ /* XXX: We should ask the user if they really want to save the password
+ * they just typed in. */
TorSettings settings;
settings.setAuthenticationMethod(TorSettings::PasswordAuth);
settings.setControlPassword(password);
Modified: trunk/src/gui/mainwindow.h
===================================================================
--- trunk/src/gui/mainwindow.h 2007-12-04 17:39:35 UTC (rev 2170)
+++ trunk/src/gui/mainwindow.h 2007-12-04 17:39:46 UTC (rev 2171)
@@ -174,6 +174,9 @@
ConfigDialog* _configDialog;
/** A TorControl object that handles communication with Tor */
TorControl* _torControl;
+ /** Remembers the control password between when we start Tor with a hash of
+ * the password and when we need to provide the password itself. */
+ QString _controlPassword;
#if defined(USE_QSYSTEMTRAYICON)
QSystemTrayIcon _trayIcon; /**< The Vidalia icon that sits in the tray.
@@ -181,7 +184,7 @@
#else
TrayIcon _trayIcon; /**< The Vidalia icon that sits in the tray. (pre-Qt 4.2) */
#endif
-
+
/** Defines the actions for the tray menu */
QAction* _controlPanelAct;
QAction* _startStopAct;