Add a ControlPortFileGroupWritable option

2011-05-12 19:17:48 -04:00 · 2011-05-12 19:17:48 -04:00 · 7f654a6a6f
parent dad12188a6
commit 7f654a6a6f
5 changed files with 20 additions and 1 deletions
--- a/changes/feature3076
+++ b/changes/feature3076
@ -7,5 +7,8 @@
      type.  This is useful for if the user has selected SocksPort
      "auto", and you need to know which port got chosen.
    - There is a ControlPortWriteToFile option that tells Tor to write
-      its actual control port or ports to a chosen file.
+      its actual control port or ports to a chosen file.  If the option
+      ControlPortFileGroupReadable is set, the file is created as
+      group-readable.
+

--- a/doc/tor.1.txt
+++ b/doc/tor.1.txt
@ -196,6 +196,11 @@ Other options can be specified either on the command-line (--option
    this address.  Usable by controllers to learn the actual control port
    when ControlPort is set to "auto".

+**ControlPortFileGroupReadable** **0**|**1**::
+    If this option is set to 0, don't allow the filesystem group to read the
+    control port file. If the option is set to 1, make the control port
+    file readable by the default GID. (Default: 0).
+
 **DataDirectory** __DIR__::
    Store working data in DIR (Default: @LOCALSTATEDIR@/lib/tor)

--- a/src/or/config.c
+++ b/src/or/config.c
@ -206,6 +206,7 @@ static config_var_t _option_vars[] = {
  V(ContactInfo,                 STRING,   NULL),
  V(ControlListenAddress,        LINELIST, NULL),
  V(ControlPort,                 PORT,     "0"),
+  V(ControlPortFileGroupReadable,BOOL,     "0"),
  V(ControlPortWriteToFile,      FILENAME, NULL),
  V(ControlSocket,               LINELIST, NULL),
  V(CookieAuthentication,        BOOL,     "0"),
--- a/src/or/control.c
+++ b/src/or/control.c
@ -542,6 +542,14 @@ control_ports_write_to_file(void)
    log_warn(LD_CONTROL, "Writing %s failed: %s",
             options->ControlPortWriteToFile, strerror(errno));
  }
+#ifndef MS_WINDOWS
+  if (options->ControlPortFileGroupReadable) {
+    if (chmod(options->ControlPortWriteToFile, 0640)) {
+      log_warn(LD_FS,"Unable to make %s group-readable.",
+               options->ControlPortWriteToFile);
+    }
+  }
+#endif
  tor_free(joined);
  SMARTLIST_FOREACH(lines, char *, cp, tor_free(cp));
  smartlist_free(lines);
--- a/src/or/or.h
+++ b/src/or/or.h
@ -2876,6 +2876,8 @@ typedef struct {

  /** File where we should write the ControlPort. */
  char *ControlPortWriteToFile;
+  /** Should that file be group-readable? */
+  int ControlPortFileGroupReadable;

 } or_options_t;