sarah
/
tor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

r13892@Kushana: nickm | 2007-08-01 18:27:13 -0700 

Close immediately after anything but a successful authentication attempt on the control port.  Backport candidate.


svn:r11016
This commit is contained in:
Nick Mathewson 2007-08-02 01:28:40 +00:00
parent a4e7dffc94
commit 322b6f7e65
2 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@ -1,4 +1,8 @@
Changes in version 0.2.0.4-alpha - 2007-??-??
Changes in version 0.2.0.4-alpha - 2007-08-01
o Major security fixes:
- Close immediately after missing authentication on control port;
do not allow multiple authentication attempts.
o Major bugfixes (compilation):
- Fix win32 compilation: apparently IN_ADDR and IN6_ADDR are already
defined there.

4
src/or/control.c
View File

@ -971,6 +971,7 @@ handle_control_authenticate(control_connection_t *conn, uint32_t len,
"551 Invalid hexadecimal encoding. Maybe you tried a plain text "
"password? If so, the standard requires that you put it in "
"double quotes.\r\n", conn);
connection_mark_for_close(TO_CONN(conn));
tor_free(password);
return 0;
}
@ -981,6 +982,7 @@ handle_control_authenticate(control_connection_t *conn, uint32_t len,
if (!get_escaped_string(body, len, &password, &password_len)) {
connection_write_str_to_buf("551 Invalid quoted string. You need "
"to put the password in double quotes.\r\n", conn);
connection_mark_for_close(TO_CONN(conn));
return 0;
}
used_quoted_string = 1;
@ -1032,6 +1034,7 @@ handle_control_authenticate(control_connection_t *conn, uint32_t len,
errstr = "Unknown reason.";
connection_printf_to_buf(conn, "515 Authentication failed: %s\r\n",
errstr);
connection_mark_for_close(TO_CONN(conn));
return 0;
ok:
log_info(LD_CONTROL, "Authenticated control connection (%d)", conn->_base.s);
@ -2439,6 +2442,7 @@ connection_control_process_inbuf(control_connection_t *conn)
if (conn->_base.state == CONTROL_CONN_STATE_NEEDAUTH &&
strcasecmp(conn->incoming_cmd, "AUTHENTICATE")) {
connection_write_str_to_buf("514 Authentication required.\r\n", conn);
connection_mark_for_close(TO_CONN(conn));
conn->incoming_cmd_cur_len = 0;
goto again;
}