[or-cvs] r11134: Backport r11117: exit when we fail to write an auth cookie, (in tor/branches/tor-0_1_2-patches: . doc src/or)

nickm at seul.org nickm at seul.org
Thu Aug 16 16:41:42 UTC 2007


Author: nickm
Date: 2007-08-16 12:41:41 -0400 (Thu, 16 Aug 2007)
New Revision: 11134

Modified:
   tor/branches/tor-0_1_2-patches/
   tor/branches/tor-0_1_2-patches/ChangeLog
   tor/branches/tor-0_1_2-patches/doc/TODO.012
   tor/branches/tor-0_1_2-patches/src/or/config.c
   tor/branches/tor-0_1_2-patches/src/or/control.c
Log:
 r14590 at catbus:  nickm | 2007-08-16 12:19:12 -0400
 Backport r11117: exit when we fail to write an auth cookie, and do not attempt to rewrite the auth cookie every time we restart.



Property changes on: tor/branches/tor-0_1_2-patches
___________________________________________________________________
 svk:merge ticket from /tor/012 [r14590] on 8246c3cf-6607-4228-993b-4d95d33730f1

Modified: tor/branches/tor-0_1_2-patches/ChangeLog
===================================================================
--- tor/branches/tor-0_1_2-patches/ChangeLog	2007-08-16 16:41:38 UTC (rev 11133)
+++ tor/branches/tor-0_1_2-patches/ChangeLog	2007-08-16 16:41:41 UTC (rev 11134)
@@ -17,6 +17,11 @@
       weighting by fraction of bandwidth provided by exits.  Previously,
       we would choose with only approximate fairness, and correct ourselves
       if we ran off the end of the list.
+    - If we require CookieAuthentication but we fail to write the
+      cookie file, we would warn but not exit, and end up in a state
+      where no controller could authenticate. Now we exit.
+    - If we require CookieAuthentication, stop generating a new cookie
+      every time we change any piece of our config.
 
 
 Changes in version 0.1.2.16 - 2007-08-01

Modified: tor/branches/tor-0_1_2-patches/doc/TODO.012
===================================================================
--- tor/branches/tor-0_1_2-patches/doc/TODO.012	2007-08-16 16:41:38 UTC (rev 11133)
+++ tor/branches/tor-0_1_2-patches/doc/TODO.012	2007-08-16 16:41:41 UTC (rev 11134)
@@ -3,7 +3,7 @@
   o r10956: fix the math for exit bandwidth weighting
   o r10994: Disable SENTINELS checking in order to use less RAM in
     buffer allocation.
-  - r11117: cookie auth more usable
+  o r11117: cookie auth more usable
   - disable v0 control protocol
 
 

Modified: tor/branches/tor-0_1_2-patches/src/or/config.c
===================================================================
--- tor/branches/tor-0_1_2-patches/src/or/config.c	2007-08-16 16:41:38 UTC (rev 11133)
+++ tor/branches/tor-0_1_2-patches/src/or/config.c	2007-08-16 16:41:41 UTC (rev 11134)
@@ -958,7 +958,10 @@
   /* Update address policies. */
   policies_parse_from_options(options);
 
-  init_cookie_authentication(options->CookieAuthentication);
+  if (init_cookie_authentication(options->CookieAuthentication) < 0) {
+    log_warn(LD_CONFIG,"Error creating cookie authentication file");
+    return -1;
+  }
 
   /* reload keys as needed for rendezvous services. */
   if (rend_service_load_keys()<0) {

Modified: tor/branches/tor-0_1_2-patches/src/or/control.c
===================================================================
--- tor/branches/tor-0_1_2-patches/src/or/control.c	2007-08-16 16:41:38 UTC (rev 11133)
+++ tor/branches/tor-0_1_2-patches/src/or/control.c	2007-08-16 16:41:41 UTC (rev 11134)
@@ -3933,7 +3933,8 @@
 
 /** Choose a random authentication cookie and write it to disk.
  * Anybody who can read the cookie from disk will be considered
- * authorized to use the control connection. */
+ * authorized to use the control connection. Return -1 if we can't
+ * write the file, or 0 on success */
 int
 init_cookie_authentication(int enabled)
 {
@@ -3944,13 +3945,17 @@
     return 0;
   }
 
+  if (authentication_cookie_is_set)
+    return 0;
+
   tor_snprintf(fname, sizeof(fname), "%s/control_auth_cookie",
                get_options()->DataDirectory);
   crypto_rand(authentication_cookie, AUTHENTICATION_COOKIE_LEN);
   authentication_cookie_is_set = 1;
   if (write_bytes_to_file(fname, authentication_cookie,
                           AUTHENTICATION_COOKIE_LEN, 1)) {
-    log_warn(LD_FS,"Error writing authentication cookie.");
+    log_warn(LD_FS,"Error writing authentication cookie to %s.",
+             escaped(fname));
     return -1;
   }
 



More information about the tor-commits mailing list