Opened 8 years ago

Closed 9 months ago

#3476 closed defect (fixed)

debian package: HashedControlPassword auth fails when CookieAuthentication is enabled

Reported by: murble Owned by: arma
Priority: Medium Milestone:
Component: Applications/Tor bundles/installation Version:
Severity: Normal Keywords: needs-triage
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Since I upgraded to the new 0.2.2.29-beta-1~~squeeze+1 debian tor package

arm and vidalia where unable to access tor on the control port using password authentication which I had previously configured.

Setting CookieAuthentication 0 fixed this problem.

Child Tickets

TicketStatusOwnerSummaryComponent
#3898closedchiiphIf CookieAuth and PasswordAuth are both offered, and cookie fails, fall back to passwordArchived/Vidalia
#3958closedmikeperrypytorctl should learn to try both CookieAuth and PasswordAuthTorctl

Change History (7)

comment:1 Changed 8 years ago by atagar

The use case you were having trouble with is when having both cookie and password authentication in your torrc, right? I just tried arm with that use case against tor versions...
0.2.2.23-alpha
0.2.2.19-alpha
0.2.3.1-alpha-dev (git-0b536469ee8a6d43)

using the following torrc:

ORPort 9001
Nickname armTest
ExitPolicy reject *:* 

ControlPort 9051
CookieAuthentication 1

AccountingMax 100 GB

# password: pw
HashedControlPassword 16:F56B67C1FC85BA66601864C6C223F744AEA0F5C45414A92C7177786C02

and it's working just fine (cookie auth takes priority over the password). If that's not the use case you were having trouble with then could you please provide repro steps?

comment:2 Changed 7 years ago by arma

One of the main differences here is that 0.2.2.29-beta packages in Debian appear to have ControlSocket enabled by default. (See also #3892)

comment:3 Changed 7 years ago by arma

I believe your bug would be resolved if we resolve #3898

comment:4 Changed 7 years ago by arma

Component: Tor ClientTor bundles/installation
Owner: set to arma
Priority: minornormal
Status: newassigned
Summary: HashedControlPassword auth fails when CookieAuthentication is enableddebian package: HashedControlPassword auth fails when CookieAuthentication is enabled

#3958 is the equivalent bug in arm (well, pytorctl).

comment:5 Changed 5 years ago by erinn

Keywords: needs-triage added

comment:6 Changed 15 months ago by teor

Severity: Normal

Set all open tickets without a severity to "Normal"

comment:7 Changed 9 months ago by arma

Resolution: fixed
Status: assignedclosed

Ok, I'm going to close this one because it is from long ago, and we've fixed some bugs since then.

If there remains a problem with the Debian Tor package, somebody should open a fresh debian bug about it (in the debian ticket tracker).

Note: See TracTickets for help on using tickets.