diff options
| -rw-r--r-- | changes/bug23909 | 4 | ||||
| -rw-r--r-- | src/or/keypin.c | 8 |
2 files changed, 8 insertions, 4 deletions
diff --git a/changes/bug23909 b/changes/bug23909 new file mode 100644 index 0000000000..6b84e711e7 --- /dev/null +++ b/changes/bug23909 @@ -0,0 +1,4 @@ + o Minor features (directory authority): + - Directory authorities now open their key-pinning files as O_SYNC, + to prevent themselves from accidentally writing partial lines. + Closes ticket 23909. diff --git a/src/or/keypin.c b/src/or/keypin.c index 1698dc184f..66525cbf90 100644 --- a/src/or/keypin.c +++ b/src/or/keypin.c @@ -289,8 +289,7 @@ static int keypin_journal_fd = -1; int keypin_open_journal(const char *fname) { - /* O_SYNC ??*/ - int fd = tor_open_cloexec(fname, O_WRONLY|O_CREAT|O_BINARY, 0600); + int fd = tor_open_cloexec(fname, O_WRONLY|O_CREAT|O_BINARY|O_SYNC, 0600); if (fd < 0) goto err; @@ -417,10 +416,11 @@ keypin_load_journal_impl(const char *data, size_t size) ++n_entries; } - int severity = (n_corrupt_lines || n_duplicates) ? LOG_WARN : LOG_INFO; + int severity = (n_corrupt_lines || n_duplicates) ? LOG_NOTICE : LOG_INFO; tor_log(severity, LD_DIRSERV, "Loaded %d entries from keypin journal. " - "Found %d corrupt lines, %d duplicates, and %d conflicts.", + "Found %d corrupt lines (ignored), %d duplicates (harmless), " + "and %d conflicts (resolved in favor or more recent entry).", n_entries, n_corrupt_lines, n_duplicates, n_conflicts); return 0; |