author | Nick Mathewson <nickm@torproject.org> | 2007-08-16 17:46:01 +0000 |
---|---|---|
committer | Nick Mathewson <nickm@torproject.org> | 2007-08-16 17:46:01 +0000 |
commit | 718953dbe97446e0c2b4b1ccae3b2be0d36473a1 (patch) | |
tree | d072e9f51dfd268b86131c14fd2860961cbff92b /src | |
parent | f4398feadb8e3c1af51a825ac0eafe5abc08683d (diff) | |
r14606@catbus: nickm | 2007-08-16 13:45:01 -0400
Implement CookieAuthFile and CookieAuthFileGroupReadable. Backport candidate.
svn:r11141
Diffstat (limited to 'src')
-rw-r--r-- | src/or/config.c | 3 | ||||
-rw-r--r-- | src/or/control.c | 22 | ||||
-rw-r--r-- | src/or/or.h | 2 |
3 files changed, 22 insertions, 5 deletions
diff --git a/src/or/config.c b/src/or/config.c
index 5b562adc71..2ee672384f 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -152,6 +152,9 @@ static config_var_t _option_vars[] = {
 VAR("ControlPort", UINT, ControlPort, "0"),
 VAR("ControlSocket", LINELIST, ControlSocket, NULL),
 VAR("CookieAuthentication",BOOL, CookieAuthentication, "0"),
+ VAR("CookieAuthFileGroupReadable",BOOL, CookieAuthFileGroupReadable, "0"),
+ VAR("CookieAuthFile", STRING, CookieAuthFile, "0"),
+ VAR("CookieAuthentication",BOOL, CookieAuthentication, "0"),
 VAR("DataDirectory", STRING, DataDirectory, NULL),
 OBSOLETE("DebugLogFile"),
 VAR("DirAllowPrivateAddresses",BOOL, DirAllowPrivateAddresses, NULL),
diff --git a/src/or/control.c b/src/or/control.c
index 5a256783df..67b56f40db 100644
--- a/src/or/control.c
+++ b/src/or/control.c
@@ -3434,11 +3434,16 @@ control_event_guard(const char *nickname, const char *digest,
 static char *
 get_cookie_file(void)
 {
- const char *datadir = get_options()->DataDirectory;
- size_t len = strlen(datadir)+64;
- char *fname = tor_malloc(len);
- tor_snprintf(fname, len, "%s"PATH_SEPARATOR"control_auth_cookie", datadir);
- return fname;
+ or_options_t *options = get_options();
+ if (options->CookieAuthFile && strlen(options->CookieAuthFile)) {
+ return tor_strdup(options->CookieAuthFile);
+ } else {
+ const char *datadir = get_options()->DataDirectory;
+ size_t len = strlen(datadir)+64;
+ char *fname = tor_malloc(len);
+ tor_snprintf(fname, len, "%s"PATH_SEPARATOR"control_auth_cookie", datadir);
+ return fname;
+ }
 }
 /** Choose a random authentication cookie and write it to disk.
@@ -3469,6 +3474,13 @@ init_cookie_authentication(int enabled)
 tor_free(fname);
 return -1;
 }
+#ifndef MS_WINDOWS
+ if (get_options()->CookieAuthFileGroupReadable) {
+ if (chmod(fname, 0640)) {
+ log_warn(LD_FS,"Unable to make %s group-readable.", escaped(fname));
+ }
+ }
+#endif
 tor_free(fname);
 return 0;
diff --git a/src/or/or.h b/src/or/or.h
index f7b77a3361..0864d24e5e 100644
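Review bot: The new `CookieAuthFile` row in `_option_vars` uses `"0"` as its fourth argument, which looks copied from the BOOL rows; the other STRING row visible here (`DataDirectory`) uses `NULL`. If that argument is the default value, `options->CookieAuthFile` is the non-empty string "0" whenever nothing is configured, so the new check in get_cookie_file() (first control.c hunk) always takes the override branch and the control cookie would land in a file named `0` relative to the working directory rather than under DataDirectory. The hunk also adds a second `VAR("CookieAuthentication",BOOL, CookieAuthentication, "0"),` row directly after the existing one. Suggested: `VAR("CookieAuthFile", STRING, CookieAuthFile, NULL),` and drop the duplicated row. The table starts and ends outside the hunk.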
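Review bot: In init_cookie_authentication() the new `#ifndef MS_WINDOWS` block handles only the enabled case, and its failure path logs without the OS error. If the cookie write above the hunk reuses an existing file (not visible here), a file made group-readable on an earlier run would stay 0640 after `CookieAuthFileGroupReadable` is set back to 0; an `else` branch doing `chmod(fname, 0600)` would keep the option authoritative. The warning is more useful to an operator as `log_warn(LD_FS,"Unable to make %s group-readable: %s", escaped(fname), strerror(errno));`. Because every member of the file's group can then read the cookie and authenticate to the control port, a one-line comment on the block stating that would help. The function body starts and ends outside the hunk.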
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -2022,6 +2022,8 @@ typedef struct {
 * the control system. */
 int CookieAuthentication; /**< Boolean: do we enable cookie-based auth for
 * the control system? */
+ char *CookieAuthFile; /**< Location of a cookie authentication file. */
+ int CookieAuthFileGroupReadable; /**< Boolean: Is the CookieAuthFile g+r? */
 int LeaveStreamsUnattached; /**< Boolean: Does Tor attach new streams to
 * circuits itself (0), or does it expect a controller
 * to cope? (1) */ |
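Review bot: The doc comment on `CookieAuthFile` does not say what an unset value means, although get_cookie_file() in control.c treats NULL or an empty string as "use the default under DataDirectory". Suggested: `/**< Path of the control cookie file; if NULL or empty, DataDirectory/control_auth_cookie is used. */`. For `CookieAuthFileGroupReadable`, noting that it has no effect when MS_WINDOWS is defined would match the `#ifndef` in init_cookie_authentication(). The struct starts and ends outside the hunk.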