[tor-commits] [tor/main] If TestingTorNetwork, skip perm check on the hs directory

nickm at torproject.org nickm at torproject.org
Thu Jul 1 13:56:43 UTC 2021 

commit f944e463995fa2e4c04e6d732ec77e66bb1a6f8a
Author: Steven Engler <opara at cs.georgetown.edu>
Date:   Mon Jun 28 13:35:11 2021 -0400

    If TestingTorNetwork, skip perm check on the hs directory
---
 changes/issue40338         |  3 +++
 src/feature/hs/hs_config.c | 22 +++++++++++++---------
 2 files changed, 16 insertions(+), 9 deletions(-)

diff --git a/changes/issue40338 b/changes/issue40338
new file mode 100644
index 0000000000..bc2cafff61
--- /dev/null
+++ b/changes/issue40338
@@ -0,0 +1,3 @@
+  o Minor features (testing configuration):
+    - When TestingTorNetwork is enabled, skip the permission check on
+      the hidden service directory. Closes ticket 40338.
diff --git a/src/feature/hs/hs_config.c b/src/feature/hs/hs_config.c
index 68ed932701..f9f71c78f2 100644
--- a/src/feature/hs/hs_config.c
+++ b/src/feature/hs/hs_config.c
@@ -544,15 +544,19 @@ config_service(config_line_t *line, const or_options_t *options,
 
   tor_assert(service->config.version <= HS_VERSION_MAX);
 
-  /* Check permission on service directory that was just parsed. And this must
-   * be done regardless of the service version. Do not ask for the directory
-   * to be created, this is done when the keys are loaded because we could be
-   * in validation mode right now. */
-  if (hs_check_service_private_dir(options->User,
-                                   service->config.directory_path,
-                                   service->config.dir_group_readable,
-                                   0) < 0) {
-    goto err;
+  /* If we're running with TestingTorNetwork enabled, we relax the permissions
+   * check on the hs directory. */
+  if (!options->TestingTorNetwork) {
+    /* Check permission on service directory that was just parsed. And this
+     * must be done regardless of the service version. Do not ask for the
+     * directory to be created, this is done when the keys are loaded because
+     * we could be in validation mode right now. */
+    if (hs_check_service_private_dir(options->User,
+                                     service->config.directory_path,
+                                     service->config.dir_group_readable,
+                                     0) < 0) {
+      goto err;
+    }
   }
 
   /* We'll try to learn the service version here by loading the key(s) if

More information about the tor-commits mailing list