[tor-commits] [tor/maint-0.2.2] Add a ControlPortFileGroupWritable option

nickm at torproject.org nickm at torproject.org
Fri May 13 14:43:54 UTC 2011


commit 7f654a6a6fb5e956b996eece36ff95e590a6ad63
Author: Nick Mathewson <nickm at torproject.org>
Date:   Thu May 12 19:17:48 2011 -0400

    Add a ControlPortFileGroupWritable option
---
 changes/feature3076 |    5 ++++-
 doc/tor.1.txt       |    5 +++++
 src/or/config.c     |    1 +
 src/or/control.c    |    8 ++++++++
 src/or/or.h         |    2 ++
 5 files changed, 20 insertions(+), 1 deletions(-)

diff --git a/changes/feature3076 b/changes/feature3076
index ed42e45..a3dcec8 100644
--- a/changes/feature3076
+++ b/changes/feature3076
@@ -7,5 +7,8 @@
       type.  This is useful for if the user has selected SocksPort
       "auto", and you need to know which port got chosen.
     - There is a ControlPortWriteToFile option that tells Tor to write
-      its actual control port or ports to a chosen file.
+      its actual control port or ports to a chosen file.  If the option
+      ControlPortFileGroupReadable is set, the file is created as
+      group-readable.
+
 
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index 606580d..d95d764 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -196,6 +196,11 @@ Other options can be specified either on the command-line (--option
     this address.  Usable by controllers to learn the actual control port
     when ControlPort is set to "auto".
 
+**ControlPortFileGroupReadable** **0**|**1**::
+    If this option is set to 0, don't allow the filesystem group to read the
+    control port file. If the option is set to 1, make the control port
+    file readable by the default GID. (Default: 0).
+
 **DataDirectory** __DIR__::
     Store working data in DIR (Default: @LOCALSTATEDIR@/lib/tor)
 
diff --git a/src/or/config.c b/src/or/config.c
index 5eb6229..a7ff28f 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -206,6 +206,7 @@ static config_var_t _option_vars[] = {
   V(ContactInfo,                 STRING,   NULL),
   V(ControlListenAddress,        LINELIST, NULL),
   V(ControlPort,                 PORT,     "0"),
+  V(ControlPortFileGroupReadable,BOOL,     "0"),
   V(ControlPortWriteToFile,      FILENAME, NULL),
   V(ControlSocket,               LINELIST, NULL),
   V(CookieAuthentication,        BOOL,     "0"),
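Review bot: The option registered here is `ControlPortFileGroupReadable`, while the commit subject calls it ControlPortFileGroupWritable. The rest of the patch (man page, changes file, the 0640 mode) is consistently about read access, so the subject line appears to be the odd one out. It is worth correcting before merge, because a history search for the real option name will miss this commit and "writable" suggests a much broader permission than the code grants.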
diff --git a/src/or/control.c b/src/or/control.c
index 6346742..384e579 100644
--- a/src/or/control.c
+++ b/src/or/control.c
@@ -542,6 +542,14 @@ control_ports_write_to_file(void)
     log_warn(LD_CONTROL, "Writing %s failed: %s",
              options->ControlPortWriteToFile, strerror(errno));
   }
+#ifndef MS_WINDOWS
+  if (options->ControlPortFileGroupReadable) {
+    if (chmod(options->ControlPortWriteToFile, 0640)) {
+      log_warn(LD_FS,"Unable to make %s group-readable.",
+               options->ControlPortWriteToFile);
+    }
+  }
+#endif
   tor_free(joined);
   SMARTLIST_FOREACH(lines, char *, cp, tor_free(cp));
   smartlist_free(lines);
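Review bot: The added chmod() block runs unconditionally after what appears to be the write-failure check just above it, so a failed write is followed by a second warning about group-readability on a file that may not exist. That warning also omits the errno text the write-failure message carries; consider attaching the block as the `else` of the write check and logging `log_warn(LD_FS, "Unable to make %s group-readable: %s", options->ControlPortWriteToFile, strerror(errno));`. Separately, nothing here tightens the mode when the option is 0. A file left at 0640 by an earlier run presumably stays group-readable unless the writer recreates it, so an explicit `chmod(options->ControlPortWriteToFile, 0600)` in that case, or a comment stating the reliance on the writer, would make the default safe. control_ports_write_to_file() starts before and continues after this hunk, so the write call itself is not visible here.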
diff --git a/src/or/or.h b/src/or/or.h
index 412aac9..a73d98a 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -2876,6 +2876,8 @@ typedef struct {
 
   /** File where we should write the ControlPort. */
   char *ControlPortWriteToFile;
+  /** Should that file be group-readable? */
+  int ControlPortFileGroupReadable;
 
 } or_options_t;
 




