Clean up the 2972 implementation a little

2024-11-27 22:03:31 +01:00 · 2011-04-23 02:57:53 +02:00 · 2011-04-23 02:57:53 +02:00 · 4198261291
commit 4198261291
parent d41ac64ad6
5 changed files with 19 additions and 8 deletions
--- a/changes/bug2972
+++ b/changes/bug2972
@ -0,0 +1,5 @@
+  o Minor features:
+    - Allow ControlSockets to be group-writable when the
+      ControlSocksGroupWritable configuration option is turned on. Patch
+      by Jérémy Bobbio; implements ticket 2972.
+
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@ -167,7 +167,7 @@ Other options can be specified either on the command-line (--option
    Like ControlPort, but listens on a Unix domain socket, rather than a TCP
    socket. (Unix and Unix-like systems only.)

-**UnixSocketsGroupWritable** **0**|**1**::
+**ControlSocketsGroupWritable** **0**|**1**::
    If this option is set to 0, don't allow the filesystem group to read and
    write unix sockets (e.g. ControlSocket). If the option is set to 1, make
    the control socket readable and writable by the default GID. (Default: 0)
--- a/src/or/config.c
+++ b/src/or/config.c
@ -209,7 +209,7 @@ static config_var_t _option_vars[] = {
  V(ControlPortFileGroupReadable,BOOL,     "0"),
  V(ControlPortWriteToFile,      FILENAME, NULL),
  V(ControlSocket,               LINELIST, NULL),
-  V(UnixSocketsGroupWritable,    BOOL,     "0"),
+  V(ControlSocketsGroupWritable,    BOOL,     "0"),
  V(CookieAuthentication,        BOOL,     "0"),
  V(CookieAuthFileGroupReadable, BOOL,     "0"),
  V(CookieAuthFile,              STRING,   NULL),
@ -953,9 +953,15 @@ options_act_reversible(or_options_t *old_options, char **msg)
  }

 #ifndef HAVE_SYS_UN_H
-  if (options->ControlSocket || options->UnixSocketsGroupWritable) {
-    *msg = tor_strdup("Unix domain sockets (ControlSocket) not supported"
-                      " on this OS/with this build.");
+  if (options->ControlSocket || options->ControlSocketsGroupWritable) {
+    *msg = tor_strdup("Unix domain sockets (ControlSocket) not supported "
+                      "on this OS/with this build.");
+    goto rollback;
+  }
+#else
+  if (options->ControlSocketsGroupWritable && !options->ControlSocket) {
+    *msg = tor_strdup("Setting ControlSocketGroupWritable without setting"
+                      "a ControlSocket makes no sense.");
    goto rollback;
  }
 #endif
--- a/src/or/connection.c
+++ b/src/or/connection.c
@ -966,9 +966,9 @@ connection_create_listener(const struct sockaddr *listensockaddr,
               tor_socket_strerror(tor_socket_errno(s)));
      goto err;
    }
-    if (get_options()->UnixSocketsGroupWritable) {
+    if (get_options()->ControlSocketsGroupWritable) {
      if (chmod(address, 0660) < 0) {
-        log_warn(LD_FS,"Unable to make %s group-readable.", address);
+        log_warn(LD_FS,"Unable to make %s group-writable.", address);
        tor_close_socket(s);
        goto err;
      }
--- a/src/or/or.h
+++ b/src/or/or.h
@ -2445,7 +2445,7 @@ typedef struct {
  int ControlPort; /**< Port to listen on for control connections. */
  config_line_t *ControlSocket; /**< List of Unix Domain Sockets to listen on
                                 * for control connections. */
-  int UnixSocketsGroupWritable; /**< Boolean: Are unix sockets g+rw? */
+  int ControlSocketsGroupWritable; /**< Boolean: Are control sockets g+rw? */
  int DirPort; /**< Port to listen on for directory connections. */
  int DNSPort; /**< Port to listen on for DNS requests. */
  int AssumeReachable; /**< Whether to publish our descriptor regardless. */