authorSebastian Hahn <sebastian@torproject.org>2011-04-23 02:57:53 +0200
committerNick Mathewson <nickm@torproject.org>2011-05-15 20:20:28 -0400
commit4198261291c8edbd5ba1617b7bfe3563e51edbe7 (patch)
tree62e0cd1b1aad01a4b40b59d1faa69c644f5252d4
parentd41ac64ad68811d8575db6e456fba470b0c3fde7 (diff)
Clean up the 2972 implementation a little
-rw-r--r--changes/bug29725
-rw-r--r--doc/tor.1.txt2
-rw-r--r--src/or/config.c14
-rw-r--r--src/or/connection.c4
-rw-r--r--src/or/or.h2
5 files changed, 19 insertions, 8 deletions
diff --git a/changes/bug2972 b/changes/bug2972
new file mode 100644
index 0000000000..26afcca421
--- /dev/null
+++ b/changes/bug2972
@@ -0,0 +1,5 @@
+ o Minor features:
+ - Allow ControlSockets to be group-writable when the
+ ControlSocksGroupWritable configuration option is turned on. Patch
+ by Jérémy Bobbio; implements ticket 2972.
+
diff --git a/doc/tor.1.txt b/doc/tor.1.txt
index d0d0c2f7cb..1815a8d963 100644
--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@@ -167,7 +167,7 @@ Other options can be specified either on the command-line (--option
Like ControlPort, but listens on a Unix domain socket, rather than a TCP
socket. (Unix and Unix-like systems only.)
-**UnixSocketsGroupWritable** **0**|**1**::
+**ControlSocketsGroupWritable** **0**|**1**::
If this option is set to 0, don't allow the filesystem group to read and
write unix sockets (e.g. ControlSocket). If the option is set to 1, make
the control socket readable and writable by the default GID. (Default: 0)
diff --git a/src/or/config.c b/src/or/config.c
index c81fc9c594..614fc48c3e 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -209,7 +209,7 @@ static config_var_t _option_vars[] = {
V(ControlPortFileGroupReadable,BOOL, "0"),
V(ControlPortWriteToFile, FILENAME, NULL),
V(ControlSocket, LINELIST, NULL),
- V(UnixSocketsGroupWritable, BOOL, "0"),
+ V(ControlSocketsGroupWritable, BOOL, "0"),
V(CookieAuthentication, BOOL, "0"),
V(CookieAuthFileGroupReadable, BOOL, "0"),
V(CookieAuthFile, STRING, NULL),
@@ -953,9 +953,15 @@ options_act_reversible(or_options_t *old_options, char **msg)
}
#ifndef HAVE_SYS_UN_H
- if (options->ControlSocket || options->UnixSocketsGroupWritable) {
- *msg = tor_strdup("Unix domain sockets (ControlSocket) not supported"
- " on this OS/with this build.");
+ if (options->ControlSocket || options->ControlSocketsGroupWritable) {
+ *msg = tor_strdup("Unix domain sockets (ControlSocket) not supported "
+ "on this OS/with this build.");
+ goto rollback;
+ }
+#else
+ if (options->ControlSocketsGroupWritable && !options->ControlSocket) {
+ *msg = tor_strdup("Setting ControlSocketGroupWritable without setting"
+ "a ControlSocket makes no sense.");
goto rollback;
}
#endif
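Review bot: The error message added in the `#else` branch has two text defects. The adjacent string literals join without a space, so the operator sees "without settinga ControlSocket", and the message names `ControlSocketGroupWritable` while the option registered in `_option_vars` by this same commit is `ControlSocketsGroupWritable`. An operator who copies the name from the message into a torrc would presumably hit an unrecognised option. Suggest `*msg = tor_strdup("Setting ControlSocketsGroupWritable without setting "` followed by `"a ControlSocket makes no sense.");`. The body of options_act_reversible starts and ends outside this hunk.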
diff --git a/src/or/connection.c b/src/or/connection.c
index d0898c5e5c..12e00e59bb 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -966,9 +966,9 @@ connection_create_listener(const struct sockaddr *listensockaddr,
tor_socket_strerror(tor_socket_errno(s)));
goto err;
}
- if (get_options()->UnixSocketsGroupWritable) {
+ if (get_options()->ControlSocketsGroupWritable) {
if (chmod(address, 0660) < 0) {
- log_warn(LD_FS,"Unable to make %s group-readable.", address);
+ log_warn(LD_FS,"Unable to make %s group-writable.", address);
tor_close_socket(s);
goto err;
}
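Review bot: The chmod failure warning drops the reason for the failure, while the failed call just above it logs `tor_socket_strerror(tor_socket_errno(s))`. Suggest `log_warn(LD_FS,"Unable to make %s group-writable: %s", address, strerror(errno));` so a permissions or path problem can be diagnosed from the log. Mode 0660 opens the socket to every member of the process's group, so a short comment above the chmod would help, for example `/* Group members can now connect; control authentication still decides what they may do. */`, assuming authentication is configured. The `if` opened on the ControlSocketsGroupWritable check and the rest of connection_create_listener continue outside this hunk.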
diff --git a/src/or/or.h b/src/or/or.h
index b72693f029..b9d8319ba5 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -2445,7 +2445,7 @@ typedef struct {
int ControlPort; /**< Port to listen on for control connections. */
config_line_t *ControlSocket; /**< List of Unix Domain Sockets to listen on
* for control connections. */
- int UnixSocketsGroupWritable; /**< Boolean: Are unix sockets g+rw? */
+ int ControlSocketsGroupWritable; /**< Boolean: Are control sockets g+rw? */
int DirPort; /**< Port to listen on for directory connections. */
int DNSPort; /**< Port to listen on for DNS requests. */
int AssumeReachable; /**< Whether to publish our descriptor regardless. */