commit 668e3a77090b031bec8254dfc6d816f5f4add54d Author: Nick Mathewson nickm@torproject.org Date: Thu Sep 5 11:48:29 2019 -0400
config: Introduce the concept of an "ungettable" variable.
We had though to make all obsolete and invisible variables ungettable, so that GETCONF would reject them. But it turns out that this isn't the current behavior of GETCONF with those variables. So for now, I'm leaving the current behavior unchanged. (See ticket 31647 for a proposal to change the behavior.) --- src/app/config/confparse.c | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+)
diff --git a/src/app/config/confparse.c b/src/app/config/confparse.c index 3341ee784..1923a0c1e 100644 --- a/src/app/config/confparse.c +++ b/src/app/config/confparse.c @@ -534,6 +534,23 @@ config_var_is_settable(const config_var_t *var) return struct_var_is_settable(&var->member); }
+/** + * Return true iff the controller is allowed to fetch the value of + * <b>var</b>. + **/ +static bool +config_var_is_gettable(const config_var_t *var) +{ + /* Arguably, invisible or obsolete options should not be gettable. However, + * they have been gettable for a long time, and making them ungettable could + * have compatibility effects. For now, let's leave them alone. + */ + + // return (var->flags & (CVFLAG_OBSOLETE|CFGLAGS_INVISIBLE)) == 0; + (void)var; + return true; +} + bool config_var_is_contained(const config_var_t *var) { @@ -776,6 +793,11 @@ config_get_assigned_option(const config_mgr_t *mgr, const void *options, log_warn(LD_CONFIG, "Unknown option '%s'. Failing.", key); return NULL; } + if (! config_var_is_gettable(var->cvar)) { + log_warn(LD_CONFIG, "Option '%s' is obsolete or unfetchable. Failing.", + key); + return NULL; + } const void *object = config_mgr_get_obj(mgr, options, var->object_idx);
result = struct_var_kvencode(object, &var->cvar->member);