
Merge remote-tracking branch 'dgoulet/bug19953_030_01'

Nick Mathewson 7 years ago
parent
commit
69cb6f34cb
3 changed files with 17 additions and 3 deletions
  1. 6 0
      changes/bug19953
  2. 6 1
      src/or/router.c
  3. 5 2
      src/or/routerkeys.c

+ 6 - 0
changes/bug19953

@@ -0,0 +1,6 @@
+  o Minor bugfixes (relay)
+    - Honor DataDirectoryGroupReadable when tor is a relay. Previously, the
+      initialization of the keys would reset the DataDirectory to 0700 instead
+      of 0750 if DataDirectoryGroupReadable was set to 1. Fixes #19953. Patch
+      by "redfish".; bugfix on tor-0.0.2pre16.
+

+ 6 - 1
src/or/router.c

@@ -849,7 +849,12 @@ init_keys(void)
   if (init_keys_common() < 0)
     return -1;
   /* Make sure DataDirectory exists, and is private. */
-  if (check_private_dir(options->DataDirectory, CPD_CREATE, options->User)) {
+  cpd_check_t cpd_opts = CPD_CREATE;
+  if (options->DataDirectoryGroupReadable)
+    cpd_opts |= CPD_GROUP_READ;
+  if (check_private_dir(options->DataDirectory, cpd_opts, options->User)) {
+    log_err(LD_OR, "Can't create/check datadirectory %s",
+            options->DataDirectory);
     return -1;
   }
   /* Check the key directory. */
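Review bot: The context comment above the new block still says the DataDirectory is made "private", but once `CPD_GROUP_READ` is ORed in the directory is accepted with group access (0750 per the changelog entry), so the comment should be updated, e.g. `/* Make sure DataDirectory exists; owner-only unless DataDirectoryGroupReadable is set. */`. With the parent directory open to the group, the key directory check that follows (its code is outside this hunk) is what keeps key material owner-only, so it is worth confirming that call still passes plain `CPD_CREATE`. The same three lines that build `cpd_opts` are repeated in load_ed_keys() in src/or/routerkeys.c; a small shared helper would keep the two call sites from drifting apart. init_keys() continues outside the hunk.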

+ 5 - 2
src/or/routerkeys.c

@@ -785,8 +785,11 @@ load_ed_keys(const or_options_t *options, time_t now)
     if (options->command == CMD_KEYGEN)
       flags |= INIT_ED_KEY_TRY_ENCRYPTED;
 
-    /* Check the key directory */
-    if (check_private_dir(options->DataDirectory, CPD_CREATE, options->User)) {
+    /* Check/Create the key directory */
+    cpd_check_t cpd_opts = CPD_CREATE;
+    if (options->DataDirectoryGroupReadable)
+      cpd_opts |= CPD_GROUP_READ;
+    if (check_private_dir(options->DataDirectory, cpd_opts, options->User)) {
       log_err(LD_OR, "Can't create/check datadirectory %s",
               options->DataDirectory);
       goto err;
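Review bot: The rewritten comment says "Check/Create the key directory", but the call below it operates on `options->DataDirectory`, which is also what the log message names. Since this is now the place where group read access can be granted, the mislabel could lead a reader to think the key directory itself is being opened to the group. I would word it as `/* Check/create the DataDirectory; group-readable only if DataDirectoryGroupReadable is set. */`. load_ed_keys() starts and ends outside the hunk.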