diff options
| author | Roger Dingledine <arma@torproject.org> | 2007-08-15 15:26:14 +0000 |
|---|---|---|
| committer | Roger Dingledine <arma@torproject.org> | 2007-08-15 15:26:14 +0000 |
| commit | f606d74f56ec13a21ea63f2c1b1e59bdc63f20b0 (patch) | |
| tree | 2c5e92c50241d6f4c7d5a3283d8c106ccaefc79e | |
| parent | 93375d9a84bf10113285cf2f8fd426f961002025 (diff) | |
| download | tor-f606d74f56ec13a21ea63f2c1b1e59bdc63f20b0.tar.gz tor-f606d74f56ec13a21ea63f2c1b1e59bdc63f20b0.zip | |
backport candidate:
- If we require CookieAuthentication but we fail to write the
cookie file, we would warn but not exit, and end up in a state
where no controller could authenticate. Now we exit.
- If we require CookieAuthentication, stop generating a new cookie
every time we change any piece of our config.
svn:r11117
| -rw-r--r-- | ChangeLog | 8 | ||||
| -rw-r--r-- | src/or/config.c | 5 | ||||
| -rw-r--r-- | src/or/control.c | 11 |
3 files changed, 21 insertions, 3 deletions
@@ -26,6 +26,14 @@ Changes in version 0.2.0.5-alpha - 2007-??-?? - Read v3 keys from the right location. - Numerous bugfixes to directory voting code. + o Minor bugfixes (other): + - If we require CookieAuthentication but we fail to write the + cookie file, we would warn but not exit, and end up in a state + where no controller could authenticate. Now we exit. + - If we require CookieAuthentication, stop generating a new cookie + every time we change any piece of our config. + + Changes in version 0.2.0.4-alpha - 2007-08-01 o Major security fixes: - Close immediately after missing authentication on control port; diff --git a/src/or/config.c b/src/or/config.c index 804ec574f7..168d0dbdea 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -1039,7 +1039,10 @@ options_act(or_options_t *old_options) /* Update address policies. */ policies_parse_from_options(options); - init_cookie_authentication(options->CookieAuthentication); + if (init_cookie_authentication(options->CookieAuthentication) < 0) { + log_warn(LD_CONFIG,"Error creating cookie authentication file."); + return -1; + } /* reload keys as needed for rendezvous services. */ if (rend_service_load_keys()<0) { diff --git a/src/or/control.c b/src/or/control.c index 4f451f523a..c38bfa4cbb 100644 --- a/src/or/control.c +++ b/src/or/control.c @@ -3343,7 +3343,8 @@ control_event_guard(const char *nickname, const char *digest, /** Choose a random authentication cookie and write it to disk. * Anybody who can read the cookie from disk will be considered - * authorized to use the control connection. */ + * authorized to use the control connection. Return -1 if we can't + * write the file, or 0 on success. */ int init_cookie_authentication(int enabled) { @@ -3354,13 +3355,19 @@ init_cookie_authentication(int enabled) return 0; } + /* We don't want to generate a new cookie every time we call + * options_act(). One should be enough. */ + if (authentication_cookie_is_set) + return 0; /* all set */ + tor_snprintf(fname, sizeof(fname), "%s"PATH_SEPARATOR"control_auth_cookie", get_options()->DataDirectory); crypto_rand(authentication_cookie, AUTHENTICATION_COOKIE_LEN); authentication_cookie_is_set = 1; if (write_bytes_to_file(fname, authentication_cookie, AUTHENTICATION_COOKIE_LEN, 1)) { - log_warn(LD_FS,"Error writing authentication cookie."); + log_warn(LD_FS,"Error writing authentication cookie to %s.", + escaped(fname)); return -1; } |