[tor-bugs] #7098 [Tor]: Add safe-cookie authentication to Extended ORPort and TransportControlPort
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Nov 27 20:20:47 UTC 2012
#7098: Add safe-cookie authentication to Extended ORPort and TransportControlPort
------------------------+---------------------------------------------------
Reporter: asn | Owner:
Type: defect | Status: needs_review
Priority: normal | Milestone: Tor: 0.2.4.x-final
Component: Tor | Version:
Keywords: tor-bridge | Parent: #4773
Points: | Actualpoints:
------------------------+---------------------------------------------------
Comment(by nickm):
Replying to [comment:18 asn]:
> Updated `bug7098_draft2` with Robert's suggestion.
Looks okay to me.
> Also, we will need to keep connection state (like the nonce). Should we
keep this in or_connection_t (#4773 also keeps ext_or_conn_id in
or_connection_t)?
That seems okay. It's only 64 bytes per or_connection_t.
>Nick, in pt-spec.txt do you like TOR_AUTH_PT_COOKIE_FILE being optional?
Or would you prefer to start a new Extended ORPort protocol version just
for it?
Having it be optional but strongly recommended is IMO OK. Or we could
just make it required in the Extended ORPort protocol. After all, there
aren't any current extended ORPort users that we'd be breaking, right?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7098#comment:21>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list