tor: Change auth order to only use HASHEDPASSWORD if -torpassword
Change authentication order to make it more clear (see #7700). - If the `-torpassword` option is provided, force use of `HASHEDPASSWORD` auth. - Give error message if `-torpassword` provided, but `HASHEDPASSWORD` auth is not available. - Give error message if only `HASHEDPASSWORD` available, but `-torpassword` not given.
This commit is contained in:
parent
14d6324a24
commit
2e494489c3
1 changed files with 10 additions and 8 deletions
|
@ -574,7 +574,15 @@ void TorController::protocolinfo_cb(TorControlConnection& conn, const TorControl
|
|||
* password: "password"
|
||||
*/
|
||||
std::string torpassword = GetArg("-torpassword", "");
|
||||
if (methods.count("NULL")) {
|
||||
if (!torpassword.empty()) {
|
||||
if (methods.count("HASHEDPASSWORD")) {
|
||||
LogPrint("tor", "tor: Using HASHEDPASSWORD authentication\n");
|
||||
boost::replace_all(torpassword, "\"", "\\\"");
|
||||
conn.Command("AUTHENTICATE \"" + torpassword + "\"", boost::bind(&TorController::auth_cb, this, _1, _2));
|
||||
} else {
|
||||
LogPrintf("tor: Password provided with -torpassword, but HASHEDPASSWORD authentication is not available\n");
|
||||
}
|
||||
} else if (methods.count("NULL")) {
|
||||
LogPrint("tor", "tor: Using NULL authentication\n");
|
||||
conn.Command("AUTHENTICATE", boost::bind(&TorController::auth_cb, this, _1, _2));
|
||||
} else if (methods.count("SAFECOOKIE")) {
|
||||
|
@ -595,13 +603,7 @@ void TorController::protocolinfo_cb(TorControlConnection& conn, const TorControl
|
|||
}
|
||||
}
|
||||
} else if (methods.count("HASHEDPASSWORD")) {
|
||||
if (!torpassword.empty()) {
|
||||
LogPrint("tor", "tor: Using HASHEDPASSWORD authentication\n");
|
||||
boost::replace_all(torpassword, "\"", "\\\"");
|
||||
conn.Command("AUTHENTICATE \"" + torpassword + "\"", boost::bind(&TorController::auth_cb, this, _1, _2));
|
||||
} else {
|
||||
LogPrintf("tor: Password authentication required, but no password provided with -torpassword\n");
|
||||
}
|
||||
LogPrintf("tor: The only supported authentication mechanism left is password, but no password provided with -torpassword\n");
|
||||
} else {
|
||||
LogPrintf("tor: No supported authentication method\n");
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue