bring some sanity to quoted strings in the controller api

#14999 (moved) is about a possible mass migration to doing QuotedString right... but we can at least fix the things introduced in #8405 (moved), since we know they won't break any users.

changed milestone to %Tor: unspecified

added component::core tor/tor milestone::Tor: unspecified needs-proposal points::medium priority::medium severity::normal status::needs-revision tor-client tor-control tor-spec type::defect version::tor 0.2.6.3-alpha labels

(I hereby apologize for the non-momentous nature of ticket 15000.)

Branch "bug15000" in my public repo may fix this.

Trac:
Cc: N/A to arthuredelstein, atagar
Status: new to needs_review

One thing that breaks with quotedstring in this case: NUL characters in the string. Does this matter? Do we even support this? The control.c implementation is kind of assuming that everything we send out over the control port can be represented as a nul-terminated string.

\r and \n are also potentially problematic for control port clients that make simplifying assumptions about the response protocol. (I think I'm guilty of writing one. :P) Maybe tor should reject SOCKS username/password with any dangerous characters? BTW, is a hostile SOCKS client part of the threat model?

Hmmm. I wonder whether we handle newlines or NULs correctly in the QuotedStrings in our input either...?

After conversation with atagar yesterday, I think we think that we need a better format here: the handling of NULs, control chars, and newlines in QuotedString won't actually work for us on this.

Trac:
Milestone: Tor: 0.2.6.x-final to Tor: 0.2.7.x-final
Keywords: tor-controller tor-client deleted, tor-controller tor-client needs-proposal added

Trac:
Status: needs_review to needs_revision
Summary: Strings introduced in #8405 (moved) should be proper QuotedStrings to bring some sanity to quoted strings in the controller api

#4600 (moved) was related

Marking triaged-out items from first round of 0.2.7 triage.

Trac:
Keywords: tor-controller tor-client needs-proposal deleted, tor-client, tor-controller, needs-proposal, 027-triaged-1-out added

Trac:
Milestone: Tor: 0.2.7.x-final to Tor: 0.2.8.x-final

Trac:
Keywords: N/A deleted, 028-triaged added

Trac:
Sponsor: N/A to N/A
Points: N/A to medium

Trac:
Milestone: Tor: 0.2.8.x-final to Tor: 0.2.???
Keywords: 028-triaged deleted, N/A added

Trac:
Severity: N/A to Normal
Cc: arthuredelstein, atagar to arthuredelstein, atagar, gk

Milestone renamed

Trac:
Milestone: Tor: 0.2.??? to Tor: 0.3.???

Finally admitting that 0.3.??? was a euphemism for Tor: unspecified all along.

Trac:
Keywords: N/A deleted, tor-03-unspecified-201612 added
Milestone: Tor: 0.3.??? to Tor: unspecified

Remove an old triaging keyword.

Trac:
Keywords: tor-03-unspecified-201612 deleted, N/A added

Trac:
Keywords: N/A deleted, 027-triaged-in added