Loading changes/bug12864 0 → 100644 +7 −0 Original line number Diff line number Diff line o Minor bugfixes: - Restore the functionality of CookieAuthFileGroupReadable. Fixes bug 12864; bugfix on 0.2.5.1-alpha. o Minor features: - Add an ExtORPortCookieAuthFileGroupReadable option to make the cookie file for the ExtORPort g+r by default. doc/tor.1.txt +8 −1 Original line number Diff line number Diff line Loading @@ -224,6 +224,13 @@ GENERAL OPTIONS for the Extended ORPort's cookie file -- the cookie file is needed for pluggable transports to communicate through the Extended ORPort. [[ExtORPortCookieAuthFileGroupReadable]] **ExtORPortCookieAuthFileGroupReadable** **0**|**1**:: If this option is set to 0, don't allow the filesystem group to read the Extended OR Port cookie file. If the option is set to 1, make the cookie file readable by the default GID. [Making the file readable by other groups is not yet implemented; let us know if you need this for some reason.] (Default: 0) [[ConnLimit]] **ConnLimit** __NUM__:: The minimum number of file descriptors that must be available to the Tor process before it will start. Tor will ask the OS for as many file Loading Loading @@ -312,7 +319,7 @@ GENERAL OPTIONS If set, this option overrides the default location and file name for Tor's cookie file. (See CookieAuthentication above.) [[CookieAuthFileGroupReadable]] **CookieAuthFileGroupReadable** **0**|**1**|__Groupname__:: [[CookieAuthFileGroupReadable]] **CookieAuthFileGroupReadable** **0**|**1**:: If this option is set to 0, don't allow the filesystem group to read the cookie file. If the option is set to 1, make the cookie file readable by the default GID. [Making the file readable by other groups is not yet Loading src/or/config.c +13 −1 Original line number Diff line number Diff line Loading @@ -238,6 +238,7 @@ static config_var_t option_vars_[] = { V(ExtendAllowPrivateAddresses, BOOL, "0"), VPORT(ExtORPort, LINELIST, NULL), V(ExtORPortCookieAuthFile, STRING, NULL), V(ExtORPortCookieAuthFileGroupReadable, BOOL, "0"), V(ExtraInfoStatistics, BOOL, "1"), V(FallbackDir, LINELIST, NULL), Loading Loading @@ -6824,11 +6825,14 @@ config_maybe_load_geoip_files_(const or_options_t *options, * in <b>cookie_out</b>. * Then write it down to <b>fname</b> and prepend it with <b>header</b>. * * If <b>group_readable</b> is set, set <b>fname</b> to be readable * by the default GID. * * If the whole procedure was successful, set * <b>cookie_is_set_out</b> to True. */ int init_cookie_authentication(const char *fname, const char *header, int cookie_len, int cookie_len, int group_readable, uint8_t **cookie_out, int *cookie_is_set_out) { char cookie_file_str_len = strlen(header) + cookie_len; Loading Loading @@ -6861,6 +6865,14 @@ init_cookie_authentication(const char *fname, const char *header, goto done; } #ifndef _WIN32 if (group_readable) { if (chmod(fname, 0640)) { log_warn(LD_FS,"Unable to make %s group-readable.", escaped(fname)); } } #endif /* Success! */ log_info(LD_GENERAL, "Generated auth cookie file in '%s'.", escaped(fname)); *cookie_is_set_out = 1; Loading src/or/config.h +1 −1 Original line number Diff line number Diff line Loading @@ -97,7 +97,7 @@ uint32_t get_effective_bwburst(const or_options_t *options); char *get_transport_bindaddr_from_config(const char *transport); int init_cookie_authentication(const char *fname, const char *header, int cookie_len, int cookie_len, int group_readable, uint8_t **cookie_out, int *cookie_is_set_out); or_options_t *options_new(void); Loading src/or/control.c +1 −0 Original line number Diff line number Diff line Loading @@ -4666,6 +4666,7 @@ init_control_cookie_authentication(int enabled) fname = get_controller_cookie_file_name(); retval = init_cookie_authentication(fname, "", /* no header */ AUTHENTICATION_COOKIE_LEN, get_options()->CookieAuthFileGroupReadable, &authentication_cookie, &authentication_cookie_is_set); tor_free(fname); Loading Loading
changes/bug12864 0 → 100644 +7 −0 Original line number Diff line number Diff line o Minor bugfixes: - Restore the functionality of CookieAuthFileGroupReadable. Fixes bug 12864; bugfix on 0.2.5.1-alpha. o Minor features: - Add an ExtORPortCookieAuthFileGroupReadable option to make the cookie file for the ExtORPort g+r by default.
doc/tor.1.txt +8 −1 Original line number Diff line number Diff line Loading @@ -224,6 +224,13 @@ GENERAL OPTIONS for the Extended ORPort's cookie file -- the cookie file is needed for pluggable transports to communicate through the Extended ORPort. [[ExtORPortCookieAuthFileGroupReadable]] **ExtORPortCookieAuthFileGroupReadable** **0**|**1**:: If this option is set to 0, don't allow the filesystem group to read the Extended OR Port cookie file. If the option is set to 1, make the cookie file readable by the default GID. [Making the file readable by other groups is not yet implemented; let us know if you need this for some reason.] (Default: 0) [[ConnLimit]] **ConnLimit** __NUM__:: The minimum number of file descriptors that must be available to the Tor process before it will start. Tor will ask the OS for as many file Loading Loading @@ -312,7 +319,7 @@ GENERAL OPTIONS If set, this option overrides the default location and file name for Tor's cookie file. (See CookieAuthentication above.) [[CookieAuthFileGroupReadable]] **CookieAuthFileGroupReadable** **0**|**1**|__Groupname__:: [[CookieAuthFileGroupReadable]] **CookieAuthFileGroupReadable** **0**|**1**:: If this option is set to 0, don't allow the filesystem group to read the cookie file. If the option is set to 1, make the cookie file readable by the default GID. [Making the file readable by other groups is not yet Loading
src/or/config.c +13 −1 Original line number Diff line number Diff line Loading @@ -238,6 +238,7 @@ static config_var_t option_vars_[] = { V(ExtendAllowPrivateAddresses, BOOL, "0"), VPORT(ExtORPort, LINELIST, NULL), V(ExtORPortCookieAuthFile, STRING, NULL), V(ExtORPortCookieAuthFileGroupReadable, BOOL, "0"), V(ExtraInfoStatistics, BOOL, "1"), V(FallbackDir, LINELIST, NULL), Loading Loading @@ -6824,11 +6825,14 @@ config_maybe_load_geoip_files_(const or_options_t *options, * in <b>cookie_out</b>. * Then write it down to <b>fname</b> and prepend it with <b>header</b>. * * If <b>group_readable</b> is set, set <b>fname</b> to be readable * by the default GID. * * If the whole procedure was successful, set * <b>cookie_is_set_out</b> to True. */ int init_cookie_authentication(const char *fname, const char *header, int cookie_len, int cookie_len, int group_readable, uint8_t **cookie_out, int *cookie_is_set_out) { char cookie_file_str_len = strlen(header) + cookie_len; Loading Loading @@ -6861,6 +6865,14 @@ init_cookie_authentication(const char *fname, const char *header, goto done; } #ifndef _WIN32 if (group_readable) { if (chmod(fname, 0640)) { log_warn(LD_FS,"Unable to make %s group-readable.", escaped(fname)); } } #endif /* Success! */ log_info(LD_GENERAL, "Generated auth cookie file in '%s'.", escaped(fname)); *cookie_is_set_out = 1; Loading
src/or/config.h +1 −1 Original line number Diff line number Diff line Loading @@ -97,7 +97,7 @@ uint32_t get_effective_bwburst(const or_options_t *options); char *get_transport_bindaddr_from_config(const char *transport); int init_cookie_authentication(const char *fname, const char *header, int cookie_len, int cookie_len, int group_readable, uint8_t **cookie_out, int *cookie_is_set_out); or_options_t *options_new(void); Loading
src/or/control.c +1 −0 Original line number Diff line number Diff line Loading @@ -4666,6 +4666,7 @@ init_control_cookie_authentication(int enabled) fname = get_controller_cookie_file_name(); retval = init_cookie_authentication(fname, "", /* no header */ AUTHENTICATION_COOKIE_LEN, get_options()->CookieAuthFileGroupReadable, &authentication_cookie, &authentication_cookie_is_set); tor_free(fname); Loading