diff options
| author | Peter Palfrader <peter@palfrader.org> | 2016-03-01 17:08:14 +0100 |
|---|---|---|
| committer | Peter Palfrader <peter@palfrader.org> | 2016-03-01 17:08:14 +0100 |
| commit | 1ef7df551d8efc0a74536006c17bdaa3cbb0931d (patch) | |
| tree | fcfbd01f83184691a22d72e0883c8cb001ca9f73 /src/or | |
| parent | 9fc472e1a8a53a18dfbd5c9cde2f1c268c335e96 (diff) | |
| download | tor-1ef7df551d8efc0a74536006c17bdaa3cbb0931d.tar.gz tor-1ef7df551d8efc0a74536006c17bdaa3cbb0931d.zip | |
First RelaxDirModeCheck implementation
Diffstat (limited to 'src/or')
| -rw-r--r-- | src/or/config.c | 16 | ||||
| -rw-r--r-- | src/or/connection.c | 4 | ||||
| -rw-r--r-- | src/or/or.h | 1 |
3 files changed, 17 insertions, 4 deletions
diff --git a/src/or/config.c b/src/or/config.c index 544b032f3a..556d285346 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -6325,7 +6325,8 @@ parse_port_config(smartlist_t *out, ipv4_traffic = 1, ipv6_traffic = 0, prefer_ipv6 = 0, cache_ipv4 = 1, use_cached_ipv4 = 0, cache_ipv6 = 0, use_cached_ipv6 = 0, - prefer_ipv6_automap = 1, world_writable = 0, group_writable = 0; + prefer_ipv6_automap = 1, world_writable = 0, group_writable = 0, relax_dirmode_check = 0, + has_used_unix_socket_only_option = 0; smartlist_split_string(elts, ports->value, NULL, SPLIT_SKIP_SPACE|SPLIT_IGNORE_BLANK, 0); @@ -6478,9 +6479,15 @@ parse_port_config(smartlist_t *out, if (!strcasecmp(elt, "GroupWritable")) { group_writable = !no; + has_used_unix_socket_only_option = 1; continue; } else if (!strcasecmp(elt, "WorldWritable")) { world_writable = !no; + has_used_unix_socket_only_option = 1; + continue; + } else if (!strcasecmp(elt, "RelaxDirModeCheck")) { + relax_dirmode_check = !no; + has_used_unix_socket_only_option = 1; continue; } @@ -6568,9 +6575,9 @@ parse_port_config(smartlist_t *out, goto err; } - if ( (world_writable || group_writable) && ! unix_socket_path) { - log_warn(LD_CONFIG, "You have a %sPort entry with GroupWritable " - "or WorldWritable set, but it is not a unix socket.", portname); + if ( has_used_unix_socket_only_option && ! unix_socket_path) { + log_warn(LD_CONFIG, "You have a %sPort entry with GroupWritable, " + "WorldWritable, or StrictDirModes, but it is not a unix socket.", portname); goto err; } @@ -6596,6 +6603,7 @@ parse_port_config(smartlist_t *out, cfg->type = listener_type; cfg->is_world_writable = world_writable; cfg->is_group_writable = group_writable; + cfg->relax_dirmode_check = relax_dirmode_check; cfg->entry_cfg.isolation_flags = isolation; cfg->entry_cfg.session_group = sessiongroup; cfg->server_cfg.no_advertise = no_advertise; diff --git a/src/or/connection.c b/src/or/connection.c index 2e1c508894..4e915f1213 100644 --- a/src/or/connection.c +++ b/src/or/connection.c @@ -1014,6 +1014,10 @@ check_location_for_unix_socket(const or_options_t *options, const char *path, flags |= CPD_GROUP_OK; } + if (port->relax_dirmode_check) { + flags |= CPD_RELAX_DIRMODE_CHECK; + } + if (check_private_dir(p, flags, options->User) < 0) { char *escpath, *escdir; escpath = esc_for_log(path); diff --git a/src/or/or.h b/src/or/or.h index 4d145e45ff..4c295ab961 100644 --- a/src/or/or.h +++ b/src/or/or.h @@ -3456,6 +3456,7 @@ typedef struct port_cfg_t { unsigned is_group_writable : 1; unsigned is_world_writable : 1; + unsigned relax_dirmode_check : 1; entry_port_cfg_t entry_cfg; |