Home Explore Help
Sign In
piros
/
tor
3
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Be a bit more verbose in our AUTHENTICATE error messages in the control protocol so the next guy doesn't blame Nick again

svn:r5245
Peter Palfrader 20 years ago
parent
aac738d2be
commit
640211e59a
1 changed files with 9 additions and 4 deletions
Split View Show Diff Stats
  1. 9 4
      src/or/control.c

+ 9 - 4
src/or/control.c
View File 

@@ -946,6 +946,7 @@ decode_hashed_password(char *buf, const char *hashed)
 
 static int
 
 handle_control_authenticate(connection_t *conn, uint32_t len, const char *body)
 
 {
 
+  int used_quoted_string = 0;
 
   or_options_t *options = get_options();
 
   char *password;
 
   size_t password_len;
 
@@ -959,7 +960,7 @@ handle_control_authenticate(connection_t *conn, uint32_t len, const char *body)
 
         ++i;
 
       password = tor_malloc(i/2 + 1);
 
       if (base16_decode(password, i/2+1, body, i)<0) {
 
-        connection_write_str_to_buf("551 Invalid hexadecimal encoding\r\n", conn);
 
+        connection_write_str_to_buf("551 Invalid hexadecimal encoding.  Maybe you tried a plain text password?  If so, the standard requires you put it in double quotes.\r\n", conn);
 
         tor_free(password);
 
         return 0;
 
       }
 
@@ -969,9 +970,10 @@ handle_control_authenticate(connection_t *conn, uint32_t len, const char *body)
 
       password_len = 0;
 
     } else {
 
       if (!get_escaped_string(body, len, &password, &password_len)) {
 
-        connection_write_str_to_buf("551 Invalid quoted string\r\n", conn);
 
+        connection_write_str_to_buf("551 Invalid quoted string.  You need to put the password in double quotes.\r\n", conn);
 
         return 0;
 
       }
 
+      used_quoted_string = 1;
 
     }
 
   }
 
   if (options->CookieAuthentication) {
 
@@ -983,7 +985,7 @@ handle_control_authenticate(connection_t *conn, uint32_t len, const char *body)
 
     char expected[S2K_SPECIFIER_LEN+DIGEST_LEN];
 
     char received[DIGEST_LEN];
 
     if (decode_hashed_password(expected, options->HashedControlPassword)<0) {
 
-      log_fn(LOG_WARN,"Couldn't decode HashedControlPassword: invalid base64");
 
+      log_fn(LOG_WARN,"Couldn't decode HashedControlPassword: invalid base16");
 
       goto err;
 
     }
 
     secret_to_key(received,DIGEST_LEN,password,password_len,expected);
 
@@ -1001,7 +1003,10 @@ handle_control_authenticate(connection_t *conn, uint32_t len, const char *body)
 
     send_control0_error(conn,ERR_REJECTED_AUTHENTICATION,"Authentication failed");
 
   else {
 
     tor_free(password);
 
-    connection_write_str_to_buf("515 Authentication failed\r\n", conn);
 
+    if (used_quoted_string)
 
+      connection_write_str_to_buf("515 Authentication failed\r\n", conn);
 
+    else
 
+      connection_write_str_to_buf("515 Authentication failed.  Maybe you tried a plain text password?  If so, the standard requires you put it in double quotes.\r\n", conn);
 
   }
 
   return 0;
 
  ok: