[tor-bugs] #3958 [Torctl]: pytorctl should learn to try both CookieAuth and PasswordAuth
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Fri Dec 2 17:31:55 UTC 2011
#3958: pytorctl should learn to try both CookieAuth and PasswordAuth
--------------------+-------------------------------------------------------
Reporter: arma | Owner: mikeperry
Type: defect | Status: needs_review
Priority: normal | Milestone:
Component: Torctl | Version:
Keywords: | Parent: #3476
Points: | Actualpoints:
--------------------+-------------------------------------------------------
Comment(by atagar):
Oh, a bug with this patch: if the PROTOCOLINFO response has multiple auth
types and the authenticate() caller doesn't provide a passphrase then we
abort without trying cookie auth (see lines 1014-1016). This can be
trivially fixed by changing...
if AUTH_TYPE.PASSWORD in self._authTypes and secret == "":
to
if secret == "" and self._authTypes == (AUTH_TYPE.PASSWORD,):
This probably also means an issue with the edge case where the user
generated an empty password...
tor --hash-password ""
so I'd suggest changing the secret default value to None.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/3958#comment:11>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list