user/atagar/pytorctl, branch bug3958 Damian's PythonTorCtl repository Trying all available authentication methods 2011-09-21T15:41:20+00:00 Damian Johnson atagar@torproject.org 2011-09-21T15:28:48+00:00 3608416cbf00c18aa7c2d1584861246740c549bd When multiple control port authentication methods were defined we would just try the first then abort. This is always cookie auth so this became a problem in the following use case: - User installs our new tor deb which has cookie auth by default - User adds a hashed password to their torrc and starts tor - TorCtl attempts to connect but can't read the cookie file due to permissions, so it fails to connect. - User is confused why they weren't prompted for their password. This change makes does a couple things... - Makes an alternate functions which give a list of authentication methods rather than just the first. To avoid breaking backward compatability these are new functions, with the old ones functionally unchanged... get_auth_type => get_auth_types preauth_connect => preauth_connect_alt Pydocs for the old functions mention that they're deprecated. - The 'authenticate' method now attempts all connection methods, and by extension so does 'connect'. If all authentication methods fail then this raises an exception for the last failed attempt. I tested this with no auth, cookie auth, and dual auth where the cookie file was unreadable... - Presents connection components which now has a list of auth methods rather than just one. >>> TorCtl.preauth_connect_alt() (<TorCtl.Connection instance at 0xb78749cc>, ['COOKIE', 'PASSWORD'], '/tmp/torData/control_auth_cookie') - For a single auth method (this example with an open connection)... >>> TorCtl.preauth_connect_alt() (<TorCtl.Connection instance at 0xb787b9cc>, ['NONE'], '') >>> conn = TorCtl.connect() >>> conn.get_info("version") {'version': '0.2.2.23-alpha (git-b85eb949b528f4d7)'} - Attempts (1) auth cookie, (2) caller provided password, (3) prompts user for a password. All fails and connect returns None. >>> TorCtl.connect(passphrase="blarg") NOTICE[Wed Sep 21 08:40:43 2011]:Tor closed control connection. Exiting event thread. INFO[Wed Sep 21 08:40:43 2011]:Event loop received close message. Provided passphrase was incorrect Password: NOTICE[Wed Sep 21 08:40:45 2011]:Tor closed control connection. Exiting event thread. INFO[Wed Sep 21 08:40:45 2011]:Event loop received close message. Unable to authenticate: password incorrect 
When multiple control port authentication methods were defined we would just
try the first then abort. This is always cookie auth so this became a problem
in the following use case:

- User installs our new tor deb which has cookie auth by default
- User adds a hashed password to their torrc and starts tor
- TorCtl attempts to connect but can't read the cookie file due to permissions,
  so it fails to connect.
- User is confused why they weren't prompted for their password.

This change makes does a couple things...
- Makes an alternate functions which give a list of authentication methods
  rather than just the first. To avoid breaking backward compatability these
  are new functions, with the old ones functionally unchanged...

  get_auth_type => get_auth_types
  preauth_connect => preauth_connect_alt

  Pydocs for the old functions mention that they're deprecated.

- The 'authenticate' method now attempts all connection methods, and by
  extension so does 'connect'. If all authentication methods fail then this
  raises an exception for the last failed attempt.

I tested this with no auth, cookie auth, and dual auth where the cookie file
was unreadable...

- Presents connection components which now has a list of auth methods rather
  than just one.

>>> TorCtl.preauth_connect_alt()
(<TorCtl.Connection instance at 0xb78749cc>, ['COOKIE', 'PASSWORD'], '/tmp/torData/control_auth_cookie')

- For a single auth method (this example with an open connection)...

>>> TorCtl.preauth_connect_alt()
(<TorCtl.Connection instance at 0xb787b9cc>, ['NONE'], '')
>>> conn = TorCtl.connect()
>>> conn.get_info("version")
{'version': '0.2.2.23-alpha (git-b85eb949b528f4d7)'}

- Attempts (1) auth cookie, (2) caller provided password, (3) prompts user for
  a password. All fails and connect returns None.

>>> TorCtl.connect(passphrase="blarg")
NOTICE[Wed Sep 21 08:40:43 2011]:Tor closed control connection. Exiting event thread.
INFO[Wed Sep 21 08:40:43 2011]:Event loop received close message.
Provided passphrase was incorrect
Password:
NOTICE[Wed Sep 21 08:40:45 2011]:Tor closed control connection. Exiting event thread.
INFO[Wed Sep 21 08:40:45 2011]:Event loop received close message.
Unable to authenticate: password incorrect
fix: correcting default control socket path 2011-08-11T15:19:54+00:00 Damian Johnson atagar@torproject.org 2011-08-11T15:19:54+00:00 437f15985c75da9552d2bccb97f7bad68569d3b7 According to dererk the default control socket path is "/var/run/tor/control" rather than "/var/lib/tor/control" (the path mentioned by Peter). 
According to dererk the default control socket path is "/var/run/tor/control"
rather than "/var/lib/tor/control" (the path mentioned by Peter).
Adding ControlSocket support 2011-08-05T01:46:36+00:00 Damian Johnson atagar@torproject.org 2011-08-05T01:46:36+00:00 51508fe8573d029b231682b402c75f66e248f458 Adding support for unix domain control sockets via another connect method. This is for 'https://trac.torproject.org/projects/tor/ticket/3638'. 
Adding support for unix domain control sockets via another connect method. This
is for 'https://trac.torproject.org/projects/tor/ticket/3638'.
Dropping the BUILD_FLAGS argument for CIRC events 2011-08-03T01:56:56+00:00 Damian Johnson atagar@torproject.org 2011-08-03T01:56:56+00:00 fa703e7a839866155e41af58072676052eb07234 The BUILD_FLAGS, which is for ticket 2411, isn't in tor yet so it shouldn't yet be in torctl either. This looks like it will be a comma separated list, but until it's added to the spec we shouldn't depend on that. 
The BUILD_FLAGS, which is for ticket 2411, isn't in tor yet so it shouldn't
yet be in torctl either. This looks like it will be a comma separated list,
but until it's added to the spec we shouldn't depend on that.
Condensing common event constructor code 2011-08-03T01:46:17+00:00 Damian Johnson atagar@torproject.org 2011-08-03T01:46:17+00:00 40c18c4dccaa59b5b47f6ba5faf99b62751f256c Avoids repetitive constructors among new style events and parsing the positional/kw arguments if they won't be used. 
Avoids repetitive constructors among new style events and parsing the
positional/kw arguments if they won't be used.
Refactoring GUARD event parsing 2011-08-03T01:38:58+00:00 Damian Johnson atagar@torproject.org 2011-08-03T01:38:58+00:00 95fb5d169968d9e2f2e034de85d3b2dd23554d0a Using the new style for GUARD events, also fixing a minor bug where the nickname attribute might be left unset after init. Tested this by deleting the state directory and restarting tor. 
Using the new style for GUARD events, also fixing a minor bug where the
nickname attribute might be left unset after init. Tested this by deleting the
state directory and restarting tor.
Refactoring BUILDTIMEOUT_SET event parsing 2011-08-03T01:25:57+00:00 Damian Johnson atagar@torproject.org 2011-08-03T01:25:57+00:00 8224e519472c08cd466e9539a27baa639b513c9e Using the new style for BUILDTIMEOUT_SET events, also adding support for its TIMEOUT_RATE, CLOSE_MS, and CLOSE_RATE parameters. *This is not tested* - I didn't figure out a method for triggering BUILDTIMEOUT_SET events (tried client usage and removing the state directory/reinitializing but no luck) 
Using the new style for BUILDTIMEOUT_SET events, also adding support for its
TIMEOUT_RATE, CLOSE_MS, and CLOSE_RATE parameters.

*This is not tested* - I didn't figure out a method for triggering
BUILDTIMEOUT_SET events (tried client usage and removing the state
directory/reinitializing but no luck)
Refactoring ADDRMAP event parsing 2011-08-02T16:41:50+00:00 Damian Johnson atagar@torproject.org 2011-08-02T16:41:50+00:00 1ab22638af3c5ac303c8024a0299dfb8a09a8a66 Using the new style for ADDRMAP events. These events have both quoted and non-quoted values breaking positional and keyword parsing, so keeping the regex parsing. This expands the event to include the ERROR and GMTExpiry attributes. This was tested by visiting sites with TBB and printing out the ADDRMAP results. 
Using the new style for ADDRMAP events. These events have both quoted and
non-quoted values breaking positional and keyword parsing, so keeping the regex
parsing.

This expands the event to include the ERROR and GMTExpiry attributes. This was
tested by visiting sites with TBB and printing out the ADDRMAP results.
Refactoring NEWDESC event parsing 2011-08-02T15:24:52+00:00 Damian Johnson atagar@torproject.org 2011-08-02T15:24:52+00:00 c1b4b19a10315849035d26eda8b028b9813ac252 Using the new style for NEWDESC events. This isn't using the positional or kw pattern so effectively this is just moving the body parsing into the event. Tested by attaching to a new tor instance to get NEWDESC events. 
Using the new style for NEWDESC events. This isn't using the positional or kw
pattern so effectively this is just moving the body parsing into the event.
Tested by attaching to a new tor instance to get NEWDESC events.
Refactoring msg event parsing 2011-08-02T15:08:49+00:00 Damian Johnson atagar@torproject.org 2011-08-02T15:08:49+00:00 0b9fbef17e31b52973c4f5696aa8bdf0528d10c0 This one isn't actually using the new style since the events aren't of the positional or keyword pattern. I'm just adding the empty positional and kw args so this doesn't need to become a special case later. 
This one isn't actually using the new style since the events aren't of the
positional or keyword pattern. I'm just adding the empty positional and kw
args so this doesn't need to become a special case later.