[or-cvs] Fix a bug in parsing HashedControlPassword.
Nick Mathewson
nickm at seul.org
Mon Dec 13 18:32:32 UTC 2004
Update of /home/or/cvsroot/tor/src/or
In directory moria.mit.edu:/tmp/cvs-serv26623/src/or
Modified Files:
config.c control.c or.h
Log Message:
Fix a bug in parsing HashedControlPassword.
Index: config.c
===================================================================
RCS file: /home/or/cvsroot/tor/src/or/config.c,v
retrieving revision 1.284
retrieving revision 1.285
diff -u -d -r1.284 -r1.285
--- config.c 8 Dec 2004 00:40:32 -0000 1.284
+++ config.c 13 Dec 2004 18:32:29 -0000 1.285
@@ -1402,9 +1402,7 @@
}
if (options->HashedControlPassword) {
- char buf[S2K_SPECIFIER_LEN+DIGEST_LEN];
- if (base64_decode(buf,sizeof(buf),options->HashedControlPassword,
- strlen(options->HashedControlPassword)!=sizeof(buf))) {
+ if (decode_hashed_password(NULL, options->HashedControlPassword)<0) {
log_fn(LOG_WARN,"Bad HashedControlPassword: wrong length or bad base64");
result = -1;
}
Index: control.c
===================================================================
RCS file: /home/or/cvsroot/tor/src/or/control.c,v
retrieving revision 1.35
retrieving revision 1.36
diff -u -d -r1.35 -r1.36
--- control.c 13 Dec 2004 00:44:38 -0000 1.35
+++ control.c 13 Dec 2004 18:32:29 -0000 1.36
@@ -324,6 +324,31 @@
return 0;
}
+/** Decode the hashed, base64'd password stored in <b>hashed</b>. If
+ * <b>buf</b> is provided, store the hashed password in the first
+ * S2K_SPECIFIER_LEN+DIGEST_LEN bytes of <b>buf</b>. Return 0 on
+ * success, -1 on failure.
+ */
+int
+decode_hashed_password(char *buf, const char *hashed)
+{
+ size_t len = strlen(hashed)+2;
+ char *base64 = tor_malloc(len);
+ char decoded[64];
+ int r;
+ if (tor_snprintf(base64, len, "%s\n", hashed)<0)
+ return -1;
+ if ((r = base64_decode(decoded, sizeof(decoded),
+ base64, strlen(base64))) !=
+ S2K_SPECIFIER_LEN+DIGEST_LEN) {
+ printf("BB %d\n",r);
+ return -1;
+ }
+ if (buf)
+ memcpy(buf, decoded, sizeof(decoded));
+ return 0;
+}
+
/** Called when we get an AUTHENTICATE message. Check whether the
* authentication is valid, and if so, update the connection's state to
* OPEN. Reply with DONE or ERROR.
@@ -340,9 +365,7 @@
} else if (options->HashedControlPassword) {
char expected[S2K_SPECIFIER_LEN+DIGEST_LEN];
char received[DIGEST_LEN];
- if (base64_decode(expected,sizeof(expected),
- options->HashedControlPassword,
- strlen(options->HashedControlPassword))<0) {
+ if (decode_hashed_password(expected, options->HashedControlPassword)<0) {
log_fn(LOG_WARN,"Couldn't decode HashedControlPassword: invalid base64");
goto err;
}
Index: or.h
===================================================================
RCS file: /home/or/cvsroot/tor/src/or/or.h,v
retrieving revision 1.507
retrieving revision 1.508
diff -u -d -r1.507 -r1.508
--- or.h 7 Dec 2004 15:29:54 -0000 1.507
+++ or.h 13 Dec 2004 18:32:29 -0000 1.508
@@ -1294,6 +1294,7 @@
void control_event_logmsg(int severity, const char *msg);
int init_cookie_authentication(int enabled);
+int decode_hashed_password(char *buf, const char *hashed);
/********************************* cpuworker.c *****************************/
More information about the tor-commits
mailing list