Tor
0.4.7.0-alpha-dev
Authentication for Tor's control-socket interface.
#include "core/or/or.h"
#include "app/config/config.h"
#include "core/mainloop/connection.h"
#include "feature/control/control.h"
#include "feature/control/control_cmd.h"
#include "feature/control/control_auth.h"
#include "feature/control/control_cmd_args_st.h"
#include "feature/control/control_connection_st.h"
#include "feature/control/control_proto.h"
#include "lib/crypt_ops/crypto_rand.h"
#include "lib/crypt_ops/crypto_util.h"
#include "lib/encoding/confline.h"
#include "lib/encoding/kvline.h"
#include "lib/encoding/qstring.h"
#include "lib/crypt_ops/crypto_s2k.h"
Macros | |
#define | AUTHENTICATION_COOKIE_LEN 32 |
#define | SAFECOOKIE_SERVER_TO_CONTROLLER_CONSTANT "Tor safe cookie authentication server-to-controller hash" |
#define | SAFECOOKIE_CONTROLLER_TO_SERVER_CONSTANT "Tor safe cookie authentication controller-to-server hash" |
#define | SAFECOOKIE_SERVER_NONCE_LEN DIGEST256_LEN |
Functions | |
char * | get_controller_cookie_file_name (void) |
int | init_control_cookie_authentication (int enabled) |
smartlist_t * | decode_hashed_passwords (config_line_t *passwords) |
int | handle_control_authchallenge (control_connection_t *conn, const control_cmd_args_t *args) |
int | handle_control_authenticate (control_connection_t *conn, const control_cmd_args_t *args) |
void | control_auth_free_all (void) |
Variables | |
static int | authentication_cookie_is_set = 0 |
static uint8_t * | authentication_cookie = NULL |
const control_cmd_syntax_t | authchallenge_syntax |
const control_cmd_syntax_t | authenticate_syntax |
Authentication for Tor's control-socket interface.
Definition in file control_auth.c.
#define AUTHENTICATION_COOKIE_LEN 32 |
If we're using cookie-type authentication, how long should our cookies be?
Definition at line 29 of file control_auth.c.
smartlist_t* decode_hashed_passwords(config_line_t *passwords)
Decode the hashed, base64'd passwords stored in `passwords`. Return a smartlist of acceptable passwords (unterminated strings of length S2K_RFC2440_SPECIFIER_LEN+DIGEST_LEN) on success, or NULL on failure. Because the returned entries are not NUL-terminated, they have to be handled with that explicit length rather than with C string functions.
Definition at line 88 of file control_auth.c.
char* get_controller_cookie_file_name | ( | void | ) |
Helper: Return a newly allocated string containing a path to the file where we store our authentication cookie.
Definition at line 48 of file control_auth.c.
Referenced by get_esc_cfile(), and tor_cleanup().
int handle_control_authchallenge(control_connection_t *conn, const control_cmd_args_t *args)
Called when we get an AUTHCHALLENGE command.
Definition at line 133 of file control_auth.c.
int handle_control_authenticate(control_connection_t *conn, const control_cmd_args_t *args)
Called when we get an AUTHENTICATE message. Check whether the authentication is valid, and if so, update the connection's state to OPEN. Reply with DONE or ERROR.
(The next sentence appears to be a comment from inside the function body, on its failure path, rather than part of the function's own description:) We only get here if both kinds of authentication failed.
Definition at line 246 of file control_auth.c.
const control_cmd_syntax_t authchallenge_syntax |
Definition at line 123 of file control_auth.c.
const control_cmd_syntax_t authenticate_syntax |
Definition at line 234 of file control_auth.c.
static uint8_t * authentication_cookie = NULL
If authentication_cookie_is_set, a secret cookie that we've stored to disk and which we're using to authenticate controllers. (If the controller can read it off disk, it has permission to connect; read access to the cookie file is therefore what grants access.)
Definition at line 37 of file control_auth.c.
static int authentication_cookie_is_set = 0
If true, we've set authentication_cookie to a secret code and stored it to disk.
Definition at line 33 of file control_auth.c.