[or-cvs] r11134: Backport r11117: exit when we fail to write an auth cookie, (in tor/branches/tor-0_1_2-patches: . doc src/or)
nickm at seul.org
nickm at seul.org
Thu Aug 16 16:41:42 UTC 2007
Author: nickm
Date: 2007-08-16 12:41:41 -0400 (Thu, 16 Aug 2007)
New Revision: 11134
Modified:
tor/branches/tor-0_1_2-patches/
tor/branches/tor-0_1_2-patches/ChangeLog
tor/branches/tor-0_1_2-patches/doc/TODO.012
tor/branches/tor-0_1_2-patches/src/or/config.c
tor/branches/tor-0_1_2-patches/src/or/control.c
Log:
r14590 at catbus: nickm | 2007-08-16 12:19:12 -0400
Backport r11117: exit when we fail to write an auth cookie, and do not attempt to rewrite the auth cookie every time we restart.
Property changes on: tor/branches/tor-0_1_2-patches
___________________________________________________________________
svk:merge ticket from /tor/012 [r14590] on 8246c3cf-6607-4228-993b-4d95d33730f1
Modified: tor/branches/tor-0_1_2-patches/ChangeLog
===================================================================
--- tor/branches/tor-0_1_2-patches/ChangeLog 2007-08-16 16:41:38 UTC (rev 11133)
+++ tor/branches/tor-0_1_2-patches/ChangeLog 2007-08-16 16:41:41 UTC (rev 11134)
@@ -17,6 +17,11 @@
weighting by fraction of bandwidth provided by exits. Previously,
we would choose with only approximate fairness, and correct ourselves
if we ran off the end of the list.
+ - If we require CookieAuthentication but we fail to write the
+ cookie file, we would warn but not exit, and end up in a state
+ where no controller could authenticate. Now we exit.
+ - If we require CookieAuthentication, stop generating a new cookie
+ every time we change any piece of our config.
Changes in version 0.1.2.16 - 2007-08-01
Modified: tor/branches/tor-0_1_2-patches/doc/TODO.012
===================================================================
--- tor/branches/tor-0_1_2-patches/doc/TODO.012 2007-08-16 16:41:38 UTC (rev 11133)
+++ tor/branches/tor-0_1_2-patches/doc/TODO.012 2007-08-16 16:41:41 UTC (rev 11134)
@@ -3,7 +3,7 @@
o r10956: fix the math for exit bandwidth weighting
o r10994: Disable SENTINELS checking in order to use less RAM in
buffer allocation.
- - r11117: cookie auth more usable
+ o r11117: cookie auth more usable
- disable v0 control protocol
Modified: tor/branches/tor-0_1_2-patches/src/or/config.c
===================================================================
--- tor/branches/tor-0_1_2-patches/src/or/config.c 2007-08-16 16:41:38 UTC (rev 11133)
+++ tor/branches/tor-0_1_2-patches/src/or/config.c 2007-08-16 16:41:41 UTC (rev 11134)
@@ -958,7 +958,10 @@
/* Update address policies. */
policies_parse_from_options(options);
- init_cookie_authentication(options->CookieAuthentication);
+ if (init_cookie_authentication(options->CookieAuthentication) < 0) {
+ log_warn(LD_CONFIG,"Error creating cookie authentication file");
+ return -1;
+ }
/* reload keys as needed for rendezvous services. */
if (rend_service_load_keys()<0) {
Modified: tor/branches/tor-0_1_2-patches/src/or/control.c
===================================================================
--- tor/branches/tor-0_1_2-patches/src/or/control.c 2007-08-16 16:41:38 UTC (rev 11133)
+++ tor/branches/tor-0_1_2-patches/src/or/control.c 2007-08-16 16:41:41 UTC (rev 11134)
@@ -3933,7 +3933,8 @@
/** Choose a random authentication cookie and write it to disk.
* Anybody who can read the cookie from disk will be considered
- * authorized to use the control connection. */
+ * authorized to use the control connection. Return -1 if we can't
+ * write the file, or 0 on success */
int
init_cookie_authentication(int enabled)
{
@@ -3944,13 +3945,17 @@
return 0;
}
+ if (authentication_cookie_is_set)
+ return 0;
+
tor_snprintf(fname, sizeof(fname), "%s/control_auth_cookie",
get_options()->DataDirectory);
crypto_rand(authentication_cookie, AUTHENTICATION_COOKIE_LEN);
authentication_cookie_is_set = 1;
if (write_bytes_to_file(fname, authentication_cookie,
AUTHENTICATION_COOKIE_LEN, 1)) {
- log_warn(LD_FS,"Error writing authentication cookie.");
+ log_warn(LD_FS,"Error writing authentication cookie to %s.",
+ escaped(fname));
return -1;
}
More information about the tor-commits
mailing list