summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/common/util.c9
-rw-r--r--src/common/util.h2
-rw-r--r--src/or/or.h3
-rw-r--r--src/or/rendservice.c22
-rw-r--r--src/test/test_checkdir.c6
5 files changed, 22 insertions, 20 deletions
diff --git a/src/common/util.c b/src/common/util.c
index 0323264494..c5b47b13f8 100644
--- a/src/common/util.c
+++ b/src/common/util.c
@@ -1873,10 +1873,11 @@ file_status(const char *fname)
* return -1. If CPD_GROUP_OK is set, then it's okay if the directory
* is group-readable, but in all cases we create the directory mode 0700.
* If CPD_GROUP_READ is set, existing directory behaves as CPD_GROUP_OK and
- * if the directory is created it will use mode 0750 with group read permission.
- * Group read privileges also assume execute permission as norm for directories.
- * If CPD_CHECK_MODE_ONLY is set, then we don't alter the directory permissions
- * if they are too permissive: we just return -1.
+ * if the directory is created it will use mode 0750 with group read
+ * permission. Group read privileges also assume execute permission
+ * as norm for directories. If CPD_CHECK_MODE_ONLY is set, then we don't
+ * alter the directory permissions if they are too permissive:
+ * we just return -1.
* When effective_user is not NULL, check permissions against the given user
* and its primary group.
*/
diff --git a/src/common/util.h b/src/common/util.h
index 755ef4b82a..30dc22852e 100644
--- a/src/common/util.h
+++ b/src/common/util.h
@@ -345,7 +345,7 @@ typedef unsigned int cpd_check_t;
#define CPD_CHECK 2
#define CPD_GROUP_OK 4
#define CPD_GROUP_READ 8
-#define CPD_CHECK_MODE_ONLY 16
+#define CPD_CHECK_MODE_ONLY 16
int check_private_dir(const char *dirname, cpd_check_t check,
const char *effective_user);
diff --git a/src/or/or.h b/src/or/or.h
index 1544b70996..33a582ba7e 100644
--- a/src/or/or.h
+++ b/src/or/or.h
@@ -4224,7 +4224,8 @@ typedef struct {
/** Should we send the timestamps that pre-023 hidden services want? */
int Support022HiddenServices;
- /** Create the Hidden Service directories and hostname files group readable. */
+ /** Create the Hidden Service directories
+ and hostname files group readable. */
int HiddenServiceDirGroupReadable;
} or_options_t;
diff --git a/src/or/rendservice.c b/src/or/rendservice.c
index a1d572e1ac..75080cbe94 100644
--- a/src/or/rendservice.c
+++ b/src/or/rendservice.c
@@ -95,7 +95,8 @@ typedef struct rend_service_port_config_t {
typedef struct rend_service_t {
/* Fields specified in config file */
char *directory; /**< where in the filesystem it stores it */
- int dir_group_readable; /**< if 1, allow group read permissions on directory */
+ int dir_group_readable; /**< if 1, allow group read
+ permissions on directory */
smartlist_t *ports; /**< List of rend_service_port_config_t */
rend_auth_type_t auth_type; /**< Client authorization type or 0 if no client
* authorization is performed. */
@@ -395,15 +396,20 @@ rend_config_services(const or_options_t *options, int validate_only)
return -1;
}
smartlist_add(service->ports, portcfg);
- } else if (!strcasecmp(line->key, "HiddenServiceDirGroupReadable")) {
- service->dir_group_readable = (int)tor_parse_long(line->value, 10, 0, 1, &ok, NULL);
+ } else if (!strcasecmp(line->key,
+ "HiddenServiceDirGroupReadable")) {
+ service->dir_group_readable = (int)tor_parse_long(line->value,
+ 10, 0, 1, &ok, NULL);
if (!ok) {
- log_warn(LD_CONFIG, "HiddenServiceDirGroupReadable should be 0 or 1, not %s",
+ log_warn(LD_CONFIG,
+ "HiddenServiceDirGroupReadable should be 0 or 1, not %s",
line->value);
rend_service_free(service);
return -1;
}
- log_info(LD_CONFIG, "HiddenServiceDirGroupReadable=%d for %s", service->dir_group_readable, service->directory);
+ log_info(LD_CONFIG,
+ "HiddenServiceDirGroupReadable=%d for %s",
+ service->dir_group_readable, service->directory);
} else if (!strcasecmp(line->key, "HiddenServiceAuthorizeClient")) {
/* Parse auth type and comma-separated list of client names and add a
* rend_authorized_client_t for each client to the service's list
@@ -761,9 +767,9 @@ rend_service_load_keys(rend_service_t *s)
#ifndef _WIN32
if (s->dir_group_readable) {
/* Also verify hostname file created with group read. */
- if (chmod(fname, 0640)) {
- log_warn(LD_FS,"Unable to make hidden hostname file %s group-readable.", fname);
- }
+ if (chmod(fname, 0640))
+ log_warn(LD_FS,"Unable to make hidden hostname file %s group-readable.",
+ fname);
}
#endif
diff --git a/src/test/test_checkdir.c b/src/test/test_checkdir.c
index 59c1783978..1580e6271d 100644
--- a/src/test/test_checkdir.c
+++ b/src/test/test_checkdir.c
@@ -43,7 +43,6 @@ test_checkdir_perms(void *testdata)
tt_int_op(0, ==, (st.st_mode & unix_verify_optsmask));
tor_free(testdir);
-
/* test: create new dir, CPD_GROUP_READ option set. */
testdir = get_datadir_fname("checkdir_new_groupread");
cpd_chkopts = CPD_CREATE|CPD_GROUP_READ;
@@ -53,7 +52,6 @@ test_checkdir_perms(void *testdata)
tt_int_op(0, ==, (st.st_mode & unix_verify_optsmask));
tor_free(testdir);
-
/* test: check existing dir created with defaults,
and verify with CPD_CREATE only. */
testdir = get_datadir_fname("checkdir_exists_none");
@@ -66,7 +64,6 @@ test_checkdir_perms(void *testdata)
tt_int_op(0, ==, (st.st_mode & unix_verify_optsmask));
tor_free(testdir);
-
/* test: check existing dir created with defaults,
and verify with CPD_GROUP_OK option set. */
testdir = get_datadir_fname("checkdir_exists_groupok");
@@ -79,7 +76,6 @@ test_checkdir_perms(void *testdata)
tt_int_op(0, ==, (st.st_mode & unix_verify_optsmask));
tor_free(testdir);
-
/* test: check existing dir created with defaults,
and verify with CPD_GROUP_READ option set. */
testdir = get_datadir_fname("checkdir_exists_groupread");
@@ -92,7 +88,6 @@ test_checkdir_perms(void *testdata)
tt_int_op(0, ==, (st.st_mode & unix_verify_optsmask));
tor_free(testdir);
-
/* test: check existing dir created with CPD_GROUP_READ,
and verify with CPD_GROUP_OK option set. */
testdir = get_datadir_fname("checkdir_existsread_groupok");
@@ -105,7 +100,6 @@ test_checkdir_perms(void *testdata)
tt_int_op(0, ==, (st.st_mode & unix_verify_optsmask));
tor_free(testdir);
-
/* test: check existing dir created with CPD_GROUP_READ,
and verify with CPD_GROUP_READ option set. */
testdir = get_datadir_fname("checkdir_existsread_groupread");