authorNick Mathewson <nickm@torproject.org>2015-01-29 14:51:59 -0500
committerNick Mathewson <nickm@torproject.org>2015-01-29 14:51:59 -0500
commit4c1a77953942f4921f8a151e01933c8f9d104e7f (patch)
treebb400c1dc0e9f420026b10d6d82a4e2693bcc3fa /src/or
parent204374f7d92997a510a7aabe5ec57f0f87a3499f (diff)
downloadtor-4c1a77953942f4921f8a151e01933c8f9d104e7f.tar.gz
tor-4c1a77953942f4921f8a151e01933c8f9d104e7f.zip
Restrict unix: addresses to control and socks for now
Diffstat (limited to 'src/or')
-rw-r--r--src/or/config.c6
-rw-r--r--src/or/connection.c27
-rw-r--r--src/or/connection.h1
3 files changed, 26 insertions, 8 deletions
diff --git a/src/or/config.c b/src/or/config.c
index ab1f318690..05b4d14337 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -5862,6 +5862,12 @@ parse_port_config(smartlist_t *out,
goto err;
}
+ if (unix_socket_path &&
+ ! conn_listener_type_supports_af_unix(listener_type)) {
+ log_warn(LD_CONFIG, "%sPort does not support unix sockets", portname);
+ goto err;
+ }
+
if (unix_socket_path) {
port = 1;
} else if (is_unix_socket) {
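Review bot: The new guard tests only `unix_socket_path`, so the `else if (is_unix_socket)` branch just below it is not covered by the listener-type check. If a caller can reach that branch with a listener type other than control or SOCKS (the callers are not visible in this hunk), the only remaining check would be the `tor_assert` in connection_listener_new, which fails as an assertion instead of a rejected configuration. Consider widening the condition to `if ((unix_socket_path || is_unix_socket) &&` so that both ways of requesting a unix socket are refused at parse time. parse_port_config starts and ends outside the hunk.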
diff --git a/src/or/connection.c b/src/or/connection.c
index 170d3d7f1e..b7dfb1de02 100644
--- a/src/or/connection.c
+++ b/src/or/connection.c
@@ -449,6 +449,22 @@ connection_link_connections(connection_t *conn_a, connection_t *conn_b)
conn_b->linked_conn = conn_a;
}
+/** Return true iff the provided connection listener type supports AF_UNIX
+ * sockets. */
+int
+conn_listener_type_supports_af_unix(int type)
+{
+ /* For now only control ports or SOCKS ports can be Unix domain sockets
+ * and listeners at the same time */
+ switch (type) {
+ case CONN_TYPE_CONTROL_LISTENER:
+ case CONN_TYPE_AP_LISTENER:
+ return 1;
+ default:
+ return 0;
+ }
+}
+
/** Deallocate memory used by <b>conn</b>. Deallocate its buffers if
* necessary, close its socket if necessary, and mark the directory as dirty
* if <b>conn</b> is an OR or OP connection.
@@ -516,8 +532,7 @@ connection_free_(connection_t *conn)
if (conn->socket_family == AF_UNIX) {
/* For now only control and SOCKS ports can be Unix domain sockets
* and listeners at the same time */
- tor_assert(conn->type == CONN_TYPE_CONTROL_LISTENER ||
- conn->type == CONN_TYPE_AP_LISTENER);
+ tor_assert(conn_listener_type_supports_af_unix(conn->type));
if (unlink(conn->address) < 0 && errno != ENOENT) {
log_warn(LD_NET, "Could not unlink %s: %s", conn->address,
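Review bot: The comment kept above the rewritten assert, `/* For now only control and SOCKS ports can be Unix domain sockets and listeners at the same time */`, now duplicates the comment inside conn_listener_type_supports_af_unix(). The same comment was removed from connection_listener_new in this commit. Dropping it here as well would keep the policy stated in one place, so it cannot drift when the helper's list of types changes. connection_free_ continues outside the hunk.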
@@ -1172,17 +1187,13 @@ connection_listener_new(const struct sockaddr *listensockaddr,
}
#ifdef HAVE_SYS_UN_H
/*
- * AF_UNIX generic setup stuff (this covers both CONN_TYPE_CONTROL_LISTENER
- * and CONN_TYPE_AP_LISTENER cases)
+ * AF_UNIX generic setup stuff
*/
} else if (listensockaddr->sa_family == AF_UNIX) {
/* We want to start reading for both AF_UNIX cases */
start_reading = 1;
- /* For now only control ports or SOCKS ports can be Unix domain sockets
- * and listeners at the same time */
- tor_assert(type == CONN_TYPE_CONTROL_LISTENER ||
- type == CONN_TYPE_AP_LISTENER);
+ tor_assert(conn_listener_type_supports_af_unix(type));
if (check_location_for_unix_socket(options, address,
(type == CONN_TYPE_CONTROL_LISTENER) ?
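Review bot: The check_location_for_unix_socket call right after the new assert still branches on `type == CONN_TYPE_CONTROL_LISTENER`, so any listener type later added to conn_listener_type_supports_af_unix() would silently take the non-control arm of that ternary. A comment beside the assert would make that coupling visible, for example `/* A type added to conn_listener_type_supports_af_unix() also needs a case in the location check below */`. The retained comment `/* We want to start reading for both AF_UNIX cases */` still says "both" although the block header was made generic; "all AF_UNIX cases" would match. The statement is cut off at the end of the hunk, so the ternary's arms are not visible here.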
diff --git a/src/or/connection.h b/src/or/connection.h
index 50bea51e5b..d0a34ece5c 100644
--- a/src/or/connection.h
+++ b/src/or/connection.h
@@ -17,6 +17,7 @@
const char *conn_type_to_string(int type);
const char *conn_state_to_string(int type, int state);
+int conn_listener_type_supports_af_unix(int type);
dir_connection_t *dir_connection_new(int socket_family);
or_connection_t *or_connection_new(int type, int socket_family);