commit edd427a8ba7520b54b92b2d828410491eb3fc2ca Merge: df4d5ebb7 65a27d95e Author: Nick Mathewson <nickm@torproject.org> Date: Fri Jan 19 16:35:24 2018 -0500 Merge branch 'disable_signal_handlers' changes/ticket24588 | 5 ++++ src/or/config.c | 2 ++ src/or/main.c | 72 +++++++++++++++++++++++++---------------------------- src/or/main.h | 2 +- src/or/or.h | 5 ++++ 5 files changed, 47 insertions(+), 39 deletions(-) diff --cc src/or/config.c index e5c10498c,ebbe726c7..bd309bc87 --- a/src/or/config.c +++ b/src/or/config.c @@@ -4663,51 -4636,142 +4664,52 @@@ options_transition_allowed(const or_opt if (!old) return 0; - if (!opt_streq(old->PidFile, new_val->PidFile)) { - *msg = tor_strdup("PidFile is not allowed to change."); - return -1; - } - - if (old->RunAsDaemon != new_val->RunAsDaemon) { - *msg = tor_strdup("While Tor is running, changing RunAsDaemon " - "is not allowed."); - return -1; - } - - if (old->Sandbox != new_val->Sandbox) { - *msg = tor_strdup("While Tor is running, changing Sandbox " - "is not allowed."); - return -1; - } - - if (old->DisableSignalHandlers != new_val->DisableSignalHandlers) { - *msg = tor_strdup("While Tor is running, changing DisableSignalHandlers " - "is not allowed."); - return -1; - } - - if (strcmp(old->DataDirectory,new_val->DataDirectory)!=0) { - tor_asprintf(msg, - "While Tor is running, changing DataDirectory " - "(\"%s\"->\"%s\") is not allowed.", - old->DataDirectory, new_val->DataDirectory); - return -1; - } - - if (!opt_streq(old->KeyDirectory, new_val->KeyDirectory)) { - tor_asprintf(msg, - "While Tor is running, changing KeyDirectory " - "(\"%s\"->\"%s\") is not allowed.", - old->KeyDirectory, new_val->KeyDirectory); - return -1; - } - - if (!opt_streq(old->CacheDirectory, new_val->CacheDirectory)) { - tor_asprintf(msg, - "While Tor is running, changing CacheDirectory " - "(\"%s\"->\"%s\") is not allowed.", - old->CacheDirectory, new_val->CacheDirectory); - return -1; - } - - if (!opt_streq(old->User, new_val->User)) { - *msg = tor_strdup("While Tor is running, changing User is not allowed."); - return -1; - } - - if (old->KeepBindCapabilities != new_val->KeepBindCapabilities) { - *msg = tor_strdup("While Tor is running, changing KeepBindCapabilities is " - "not allowed."); - return -1; - } - - if (!opt_streq(old->SyslogIdentityTag, new_val->SyslogIdentityTag)) { - *msg = tor_strdup("While Tor is running, changing " - "SyslogIdentityTag is not allowed."); - return -1; - } - - if (!opt_streq(old->AndroidIdentityTag, new_val->AndroidIdentityTag)) { - *msg = tor_strdup("While Tor is running, changing " - "AndroidIdentityTag is not allowed."); - return -1; - } - - if ((old->HardwareAccel != new_val->HardwareAccel) - || !opt_streq(old->AccelName, new_val->AccelName) - || !opt_streq(old->AccelDir, new_val->AccelDir)) { - *msg = tor_strdup("While Tor is running, changing OpenSSL hardware " - "acceleration engine is not allowed."); - return -1; - } - - if (old->TestingTorNetwork != new_val->TestingTorNetwork) { - *msg = tor_strdup("While Tor is running, changing TestingTorNetwork " - "is not allowed."); - return -1; - } - - if (old->DisableAllSwap != new_val->DisableAllSwap) { - *msg = tor_strdup("While Tor is running, changing DisableAllSwap " - "is not allowed."); - return -1; - } - - if (old->TokenBucketRefillInterval != new_val->TokenBucketRefillInterval) { - *msg = tor_strdup("While Tor is running, changing TokenBucketRefill" - "Interval is not allowed"); - return -1; - } - - if (old->HiddenServiceSingleHopMode != new_val->HiddenServiceSingleHopMode) { - *msg = tor_strdup("While Tor is running, changing " - "HiddenServiceSingleHopMode is not allowed."); - return -1; - } - - if (old->HiddenServiceNonAnonymousMode != - new_val->HiddenServiceNonAnonymousMode) { - *msg = tor_strdup("While Tor is running, changing " - "HiddenServiceNonAnonymousMode is not allowed."); - return -1; - } - - if (old->DisableDebuggerAttachment && - !new_val->DisableDebuggerAttachment) { - *msg = tor_strdup("While Tor is running, disabling " - "DisableDebuggerAttachment is not allowed."); - return -1; - } - - if (old->NoExec && !new_val->NoExec) { - *msg = tor_strdup("While Tor is running, disabling " - "NoExec is not allowed."); - return -1; - } - - if (old->OwningControllerFD != new_val->OwningControllerFD) { - *msg = tor_strdup("While Tor is running, changing OwningControllerFD " - "is not allowed."); - return -1; - } +#define BAD_CHANGE_TO(opt, how) do { \ + *msg = tor_strdup("While Tor is running"how", changing " #opt \ + " is not allowed"); \ + return -1; \ + } while (0) + +#define NO_CHANGE_BOOL(opt) \ + if (! CFG_EQ_BOOL(old, new_val, opt)) BAD_CHANGE_TO(opt,"") +#define NO_CHANGE_INT(opt) \ + if (! CFG_EQ_INT(old, new_val, opt)) BAD_CHANGE_TO(opt,"") +#define NO_CHANGE_STRING(opt) \ + if (! CFG_EQ_STRING(old, new_val, opt)) BAD_CHANGE_TO(opt,"") + + NO_CHANGE_STRING(PidFile); + NO_CHANGE_BOOL(RunAsDaemon); + NO_CHANGE_BOOL(Sandbox); + NO_CHANGE_STRING(DataDirectory); + NO_CHANGE_STRING(KeyDirectory); + NO_CHANGE_STRING(CacheDirectory); + NO_CHANGE_STRING(User); + NO_CHANGE_BOOL(KeepBindCapabilities); + NO_CHANGE_STRING(SyslogIdentityTag); + NO_CHANGE_STRING(AndroidIdentityTag); + NO_CHANGE_BOOL(HardwareAccel); + NO_CHANGE_STRING(AccelName); + NO_CHANGE_STRING(AccelDir); + NO_CHANGE_BOOL(TestingTorNetwork); + NO_CHANGE_BOOL(DisableAllSwap); + NO_CHANGE_INT(TokenBucketRefillInterval); + NO_CHANGE_BOOL(HiddenServiceSingleHopMode); + NO_CHANGE_BOOL(HiddenServiceNonAnonymousMode); + NO_CHANGE_BOOL(DisableDebuggerAttachment); + NO_CHANGE_BOOL(NoExec); + NO_CHANGE_INT(OwningControllerFD); ++ NO_CHANGE_BOOL(DisableSignalHandlers); if (sandbox_is_active()) { -#define SB_NOCHANGE_STR(opt) \ - do { \ - if (! opt_streq(old->opt, new_val->opt)) { \ - *msg = tor_strdup("Can't change " #opt " while Sandbox is active"); \ - return -1; \ - } \ - } while (0) +#define SB_NOCHANGE_STR(opt) \ + if (! CFG_EQ_STRING(old, new_val, opt)) \ + BAD_CHANGE_TO(opt," with Sandbox active") +#define SB_NOCHANGE_LINELIST(opt) \ + if (! CFG_EQ_LINELIST(old, new_val, opt)) \ + BAD_CHANGE_TO(opt," with Sandbox active") +#define SB_NOCHANGE_INT(opt) \ + if (! CFG_EQ_INT(old, new_val, opt)) \ + BAD_CHANGE_TO(opt," with Sandbox active") SB_NOCHANGE_STR(Address); SB_NOCHANGE_STR(ServerDNSResolvConfFile);