Remove anything related to the old SocksSockets option

At this commit, the SocksSocketsGroupWritable option is renamed to
UnixSocksGroupWritable. A deprecated warning is triggered if the old option is
used and tor will use it properly.

Fixes #24343

Signed-off-by: David Goulet <dgoulet@torproject.org>
This commit is contained in:
David Goulet 2018-02-07 14:05:33 -05:00
parent bf91da75ab
commit 652d3a5b66
6 changed files with 15 additions and 13 deletions

6
changes/ticket24343 Normal file
View File

@ -0,0 +1,6 @@
o Minor bugfixes (man page, SocksPort):
- Remove dead code about the old "SocksSockets" option. To do so, the
SocksSocketsGroupWritable option has been renamed to
UnixSockssGroupWritable which does the same exact thing. The old option
is still usable but will warn that it is deprecated. Fixes bug 24343;
bugfix on 0.2.6.3.

View File

@ -608,10 +608,10 @@ GENERAL OPTIONS
in accordance to RFC 1929. Both username and password must be between 1 and in accordance to RFC 1929. Both username and password must be between 1 and
255 characters. 255 characters.
[[SocksSocketsGroupWritable]] **SocksSocketsGroupWritable** **0**|**1**:: [[UnixSocksGroupWritable]] **UnixSocksGroupWritable** **0**|**1**::
If this option is set to 0, don't allow the filesystem group to read and If this option is set to 0, don't allow the filesystem group to read and
write unix sockets (e.g. SocksSocket). If the option is set to 1, make write unix sockets (e.g. SocksPort unix:). If the option is set to 1, make
the SocksSocket socket readable and writable by the default GID. (Default: 0) the Unix socket readable and writable by the default GID. (Default: 0)
[[KeepalivePeriod]] **KeepalivePeriod** __NUM__:: [[KeepalivePeriod]] **KeepalivePeriod** __NUM__::
To keep firewalls from expiring connections, send a padding keepalive cell To keep firewalls from expiring connections, send a padding keepalive cell

View File

@ -171,6 +171,7 @@ static config_abbrev_t option_abbrevs_[] = {
{ "BridgeAuthoritativeDirectory", "BridgeAuthoritativeDir", 0, 0}, { "BridgeAuthoritativeDirectory", "BridgeAuthoritativeDir", 0, 0},
{ "HashedControlPassword", "__HashedControlSessionPassword", 1, 0}, { "HashedControlPassword", "__HashedControlSessionPassword", 1, 0},
{ "VirtualAddrNetwork", "VirtualAddrNetworkIPv4", 0, 0}, { "VirtualAddrNetwork", "VirtualAddrNetworkIPv4", 0, 0},
{ "SocksSocketsGroupWritable", "UnixSocksGroupWritable", 0, 1},
{ NULL, NULL, 0, 0}, { NULL, NULL, 0, 0},
}; };
@ -284,7 +285,7 @@ static config_var_t option_vars_[] = {
V(ControlPortWriteToFile, FILENAME, NULL), V(ControlPortWriteToFile, FILENAME, NULL),
V(ControlSocket, LINELIST, NULL), V(ControlSocket, LINELIST, NULL),
V(ControlSocketsGroupWritable, BOOL, "0"), V(ControlSocketsGroupWritable, BOOL, "0"),
V(SocksSocketsGroupWritable, BOOL, "0"), V(UnixSocksGroupWritable, BOOL, "0"),
V(CookieAuthentication, BOOL, "0"), V(CookieAuthentication, BOOL, "0"),
V(CookieAuthFileGroupReadable, BOOL, "0"), V(CookieAuthFileGroupReadable, BOOL, "0"),
V(CookieAuthFile, STRING, NULL), V(CookieAuthFile, STRING, NULL),
@ -7356,7 +7357,7 @@ parse_ports(or_options_t *options, int validate_only,
*n_ports_out = 0; *n_ports_out = 0;
const unsigned gw_flag = options->SocksSocketsGroupWritable ? const unsigned gw_flag = options->UnixSocksGroupWritable ?
CL_PORT_DFLT_GROUP_WRITABLE : 0; CL_PORT_DFLT_GROUP_WRITABLE : 0;
if (parse_port_config(ports, if (parse_port_config(ports,
options->SocksPort_lines, options->SocksPort_lines,

View File

@ -336,8 +336,6 @@ entry_connection_new(int type, int socket_family)
entry_conn->entry_cfg.ipv4_traffic = 1; entry_conn->entry_cfg.ipv4_traffic = 1;
else if (socket_family == AF_INET6) else if (socket_family == AF_INET6)
entry_conn->entry_cfg.ipv6_traffic = 1; entry_conn->entry_cfg.ipv6_traffic = 1;
else if (socket_family == AF_UNIX)
entry_conn->is_socks_socket = 1;
return entry_conn; return entry_conn;
} }

View File

@ -342,7 +342,7 @@ connection_remove(connection_t *conn)
smartlist_len(connection_array)); smartlist_len(connection_array));
if (conn->type == CONN_TYPE_AP && conn->socket_family == AF_UNIX) { if (conn->type == CONN_TYPE_AP && conn->socket_family == AF_UNIX) {
log_info(LD_NET, "Closing SOCKS SocksSocket connection"); log_info(LD_NET, "Closing SOCKS Unix socket connection");
} }
control_event_conn_bandwidth(conn); control_event_conn_bandwidth(conn);

View File

@ -1818,9 +1818,6 @@ typedef struct entry_connection_t {
* the exit has sent a CONNECTED cell) and we have chosen to use it. * the exit has sent a CONNECTED cell) and we have chosen to use it.
*/ */
unsigned int may_use_optimistic_data : 1; unsigned int may_use_optimistic_data : 1;
/** Are we a socks SocksSocket listener? */
unsigned int is_socks_socket:1;
} entry_connection_t; } entry_connection_t;
/** Subtype of connection_t for an "directory connection" -- that is, an HTTP /** Subtype of connection_t for an "directory connection" -- that is, an HTTP
@ -3794,7 +3791,7 @@ typedef struct {
* for control connections. */ * for control connections. */
int ControlSocketsGroupWritable; /**< Boolean: Are control sockets g+rw? */ int ControlSocketsGroupWritable; /**< Boolean: Are control sockets g+rw? */
int SocksSocketsGroupWritable; /**< Boolean: Are SOCKS sockets g+rw? */ int UnixSocksGroupWritable; /**< Boolean: Are SOCKS Unix sockets g+rw? */
/** Ports to listen on for directory connections. */ /** Ports to listen on for directory connections. */
config_line_t *DirPort_lines; config_line_t *DirPort_lines;
config_line_t *DNSPort_lines; /**< Ports to listen on for DNS requests. */ config_line_t *DNSPort_lines; /**< Ports to listen on for DNS requests. */