relay: Honor DataDirectoryGroupReadable at key init
authorDavid Goulet <dgoulet@torproject.org>
Tue, 17 Jan 2017 19:40:01 +0000 (14:40 -0500)
committerDavid Goulet <dgoulet@torproject.org>
Tue, 17 Jan 2017 19:40:01 +0000 (14:40 -0500)
Our config code correctly checks DataDirectoryGroupReadable, but when we
initialize the keys we ignored that option and ended up setting the
DataDirectory back to 0700 instead of 0750. Patch by "redfish".

Fixes #19953

Signed-off-by: David Goulet <dgoulet@torproject.org>
changes/bug19953 [new file with mode: 0644]
src/or/router.c
src/or/routerkeys.c

diff --git a/changes/bug19953 b/changes/bug19953
new file mode 100644 (file)
index 0000000..919018d
--- /dev/null
@@ -0,0 +1,6 @@
+  o Minor bugfixes (relay)
+    - Honor DataDirectoryGroupReadable when tor is a relay. Previously, the
+      initialization of the keys would reset the DataDirectory to 0700 instead
+      of 0750 if DataDirectoryGroupReadable was set to 1. Fixes #19953. Patch
+      by "redfish".; bugfix on tor-0.0.2pre16.
+
index 2d8208aa04b4436e29e37da75543fc9d2621e36f..e4fa72a28376ca85ae2be26c4b34582f87303665 100644 (file)
@@ -849,7 +849,12 @@ init_keys(void)
   if (init_keys_common() < 0)
     return -1;
   /* Make sure DataDirectory exists, and is private. */
-  if (check_private_dir(options->DataDirectory, CPD_CREATE, options->User)) {
+  cpd_check_t cpd_opts = CPD_CREATE;
+  if (options->DataDirectoryGroupReadable)
+    cpd_opts |= CPD_GROUP_READ;
+  if (check_private_dir(options->DataDirectory, cpd_opts, options->User)) {
+    log_err(LD_OR, "Can't create/check datadirectory %s",
+            options->DataDirectory);
     return -1;
   }
   /* Check the key directory. */
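Review bot: The context comment `/* Make sure DataDirectory exists, and is private. */` above the added lines no longer matches the check, because with DataDirectoryGroupReadable set the directory is now accepted as group-readable (0750 per the commit message) rather than owner-only; `/* Make sure DataDirectory exists, and is private unless DataDirectoryGroupReadable is set. */` would be accurate. The same three-line construction of `cpd_opts` is repeated in the load_ed_keys hunk of src/or/routerkeys.c, so a small shared helper that returns the flags for the DataDirectory would keep the two call sites from drifting apart again. The key-directory check that follows lies outside this hunk; it is worth confirming that it still passes plain `CPD_CREATE`, so that the directory holding the relay's secret keys stays owner-only even when the parent is group-readable. init_keys starts and ends outside the hunk.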
index 51802b15e5cfcd37c8157c99ea3e16d11a81f31b..e20787123e6ef778e52c6a1aff18566974b215d7 100644 (file)
@@ -785,8 +785,11 @@ load_ed_keys(const or_options_t *options, time_t now)
     if (options->command == CMD_KEYGEN)
       flags |= INIT_ED_KEY_TRY_ENCRYPTED;
 
-    /* Check the key directory */
-    if (check_private_dir(options->DataDirectory, CPD_CREATE, options->User)) {
+    /* Check/Create the key directory */
+    cpd_check_t cpd_opts = CPD_CREATE;
+    if (options->DataDirectoryGroupReadable)
+      cpd_opts |= CPD_GROUP_READ;
+    if (check_private_dir(options->DataDirectory, cpd_opts, options->User)) {
       log_err(LD_OR, "Can't create/check datadirectory %s",
               options->DataDirectory);
       goto err;
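Review bot: The new comment `/* Check/Create the key directory */` names a different directory than the call beneath it, which checks `options->DataDirectory`. Now that this call can accept group read access, a reader who takes the comment literally could conclude that the key directory itself is allowed to be group-readable. I would word it as `/* Check/create the DataDirectory, honoring DataDirectoryGroupReadable */`. load_ed_keys starts and ends outside the hunk.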