Opened 7 years ago

Closed 7 years ago

Last modified 7 years ago

#5760 closed defect (fixed)

Safe cookie authentication failure replies do not end with a CRLF

Reported by: neena Owned by: neena
Priority: High Milestone: Tor: 0.2.2.x-final
Component: Core Tor/Tor Version: Tor: 0.2.3.15-alpha
Severity: Keywords: easy tor-client
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

On the control socket, AUTHCHALLENGE's failure replies do not end with a CRLF.

+12:29% nc localhost 9100
AUTHCHALLENGE SAFEOHJOIE
513 AUTHCHALLENGE only supports SAFECOOKIE authentication%
+1:43% nc localhost 9100
AUTHCHALLENGE SAFECOOKIE FOOFA
513 Invalid base16 client nonce%

That is all.

Child Tickets

Change History (11)

comment:1 Changed 7 years ago by neena

Owner: set to neena
Status: newassigned

comment:2 Changed 7 years ago by neena

Status: assignedneeds_review

comment:3 Changed 7 years ago by arma

Milestone: Tor: 0.2.2.x-final
Priority: normalmajor

comment:4 Changed 7 years ago by rransom

The patch looks good! (It'll need to be cherry-picked or rebased onto maint-0.2.2, though.)

comment:5 Changed 7 years ago by arma

and a changes file (since the feature is already released in the 0.2.3 branch). rransom, maybe you can help make it something mergeable?

comment:6 Changed 7 years ago by neena

cherry-picked for maint-0.2.2 here

http://repo.or.cz/w/tor/neena.git/shortlog/refs/heads/fix-5760-maint-0.2.2

I have added a changes/bug5760 file to both the branches. I'm not sure if it is missing anything.

comment:7 Changed 7 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Looks okay to me. Thanks, neena! Merging into 0.2.2 and forward.

comment:8 Changed 7 years ago by arma

In the changes file, when you say "bugfix on 0.2.3.16-alpha", you're supposed to say the Tor version that introduced the bug, not the Tor version that you hope will include your fix.

comment:9 Changed 7 years ago by arma

Looks like it was a bugfix on 0.2.2.36 and 0.2.3.13-alpha.

comment:10 Changed 7 years ago by nickm

Keywords: tor-client added

comment:11 Changed 7 years ago by nickm

Component: Tor ClientTor
Note: See TracTickets for help on using tickets.