From 9678f166a8e5c48f9cd0e0b6a27dd41ce081e419 Mon Sep 17 00:00:00 2001
From: Roger Dingledine <arma@torproject.org>
Date: Mon, 29 Sep 2008 10:09:05 +0000
Subject: [PATCH] If we have correct permissions on $datadir, we complain to
 stdout and fail to start. But dangerous permissions on
 $datadir/cached-status/ would cause us to open a log and complain there. Now
 complain to stdout and fail to start in both cases. Fixes bug 820, reported
 by seeess.

svn:r16998
---
 ChangeLog       |  5 +++++
 src/or/config.c | 32 ++++++++++++++++----------------
 2 files changed, 21 insertions(+), 16 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index dcadbf813..94a59ae55 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -99,6 +99,11 @@ Changes in version 0.2.1.6-alpha - 2008-09-29
       circuit, then it could establish the last hop by using the existing
       connection. Bugfix on 0.1.2.2-alpha, exposed when we made testing
       circuits no longer use entry guards in 0.2.1.3-alpha.
+    - If we have correct permissions on $datadir, we complain to stdout
+      and fail to start. But dangerous permissions on
+      $datadir/cached-status/ would cause us to open a log and complain
+      there. Now complain to stdout and fail to start in both cases. Fixes
+      bug 820, reported by seeess.
 
   o Code simplifications and refactoring:
     - Revise the connection_new functions so that a more typesafe variant
diff --git a/src/or/config.c b/src/or/config.c
index de1c6e0b3..be3b14fa0 100644
--- a/src/or/config.c
+++ b/src/or/config.c
@@ -1108,6 +1108,22 @@ options_act_reversible(or_options_t *old_options, char **msg)
     /* No need to roll back, since you can't change the value. */
   }
 
+ if (directory_caches_v2_dir_info(options)) {
+    size_t len = strlen(options->DataDirectory)+32;
+    char *fn = tor_malloc(len);
+    tor_snprintf(fn, len, "%s"PATH_SEPARATOR"cached-status",
+                 options->DataDirectory);
+    if (check_private_dir(fn, running_tor ? CPD_CREATE : CPD_CHECK) < 0) {
+      char buf[1024];
+      int tmp = tor_snprintf(buf, sizeof(buf),
+                "Couldn't access/create private data directory \"%s\"", fn);
+      *msg = tor_strdup(tmp >= 0 ? buf : "internal error");
+      tor_free(fn);
+      goto done;
+    }
+    tor_free(fn);
+  }
+
   /* Bail out at this point if we're not going to be a client or server:
    * we don't run Tor itself. */
   if (!running_tor)
@@ -1203,8 +1219,6 @@ static int
 options_act(or_options_t *old_options)
 {
   config_line_t *cl;
-  char *fn;
-  size_t len;
   or_options_t *options = get_options();
   int running_tor = options->command == CMD_RUN_TOR;
   char *msg;
@@ -1240,20 +1254,6 @@ options_act(or_options_t *old_options)
     return -1;
   }
 
-  if (running_tor && directory_caches_v2_dir_info(options)) {
-    len = strlen(options->DataDirectory)+32;
-    fn = tor_malloc(len);
-    tor_snprintf(fn, len, "%s"PATH_SEPARATOR"cached-status",
-                 options->DataDirectory);
-    if (check_private_dir(fn, CPD_CREATE) != 0) {
-      log_warn(LD_CONFIG,
-               "Couldn't access/create private data directory \"%s\"", fn);
-      tor_free(fn);
-      return -1;
-    }
-    tor_free(fn);
-  }
-
   /* Load state */
   if (! global_state && running_tor) {
     if (or_state_load())