[or-cvs] [tor/master] Warn for bad combination of cookie options

[nickm at torproject.org]

Author: Sebastian Hahn <sebastian at torproject.org>
Date: Fri, 20 Aug 2010 02:42:17 +0200
Subject: Warn for bad combination of cookie options
Commit: 219f7415d1765db8c59dc7530416a4293416c869

Setting CookieAuthFileGroupReadable but without setting CookieAuthFile makes
no sense, because unix directory permissions for the data directory prevent
the group from accessing the file anyways.
---
 changes/bug1843 |    4 ++++
 src/or/config.c |    7 +++++++
 2 files changed, 11 insertions(+), 0 deletions(-)
 create mode 100644 changes/bug1843

diff --git a/changes/bug1843 b/changes/bug1843
new file mode 100644
index 0000000..f44054e
--- /dev/null
+++ b/changes/bug1843
@@ -0,0 +1,4 @@
+  o Minor features:
+    - Warn when CookieAuthFileGroupReadable is set but CookieAuthFile is
+      not. This would lead to a cookie that is still not group readable.
+      Closes bug 1843. Suggested by katmagic.
diff --git a/src/or/config.c b/src/or/config.c
index 9d98d15..7ad272f 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -3501,6 +3501,13 @@ options_validate(or_options_t *old_options, or_options_t *options,
              "upgrade your Tor controller as soon as possible.");
   }
 
+  if (options->CookieAuthFileGroupReadable && !options->CookieAuthFile) {
+    log_warn(LD_CONFIG, "You set the CookieAuthFileGroupReadable but did "
+             "not configure a the path for the cookie file via "
+             "CookieAuthFile. This means your cookie will not be group "
+             "readable.");
+  }
+
   if (options->UseEntryGuards && ! options->NumEntryGuards)
     REJECT("Cannot enable UseEntryGuards with NumEntryGuards set to 0");
 
-- 
1.7.1