[tor-talk] tor v0.2.5.x hits 'stable' repos / ControlPort auth behaviour change?

Ondrej Mikle ondrej.mikle at gmail.com
Fri Oct 24 20:36:20 UTC 2014


On 10/23/2014 10:44 PM, Nusenu wrote:
> I use vidalia to connect to a system tor (via HashedControlPassword
> authentication).
> 
> Regarding the control port I had the following two lines in my torrc:
> 
> ControlPort 9051
> HashedControlPassword xxxxxxxxx
> 
> after the upgrade to tor 0.2.5.9-rc vidalia was unable to connect and
> complained that tor asked for the authentication cookie - even though I
> did not set CookieAuthentication. Only after explicitly setting
> CookieAuthentication to 0 (which is the default anyway) vidalia was able
> to connect using the password auth again.
> 
> Can anyone confirm this?

The 0.2.5.x rpm package switched over to defaults-torrc for default settings
(instead of having them hardcoded on command line). CookieAuthentication was
turned on in 0.2.5.9 package in the defaults-torrc, apparently setting
HashedControlPassword in torrc did not override CookieAuthentication from
defaults-torrc.

It's fixed now in 0.2.5.10 rpm package that's just been uploaded into the repo.
CookieAuthenthication is back to default. Thanks for catching that.

Ondrej


More information about the tor-talk mailing list