Opened 6 years ago

Closed 6 years ago

Last modified 6 years ago

#12864 closed defect (fixed)

CookieAuthFileGroupReadable regression between 0.2.4.x and 0.2.5.6-alpha

Reported by: intrigeri Owned by:
Priority: High Milestone: Tor: 0.2.5.x-final
Component: Core Tor/Tor Version: Tor: unspecified
Severity: Keywords: tor-client regression
Cc: asn Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Hi,

with current Debian sid's tor (0.2.4.23-2), CookieAuthFileGroupReadable works just fine.
Upgrading to experimental's tor (0.2.5.6-alpha-1) makes this parameter a no-op in practice:

  $ ls -l /run/tor/control.authcookie
  -rw------- 1 debian-tor debian-tor 32 Aug 14 12:17 /run/tor/control.authcookie

This breaks Vidalia's default configuration on Debian.

Relevant configuration settings:

  $ grep Cookie /etc/tor/torrc /usr/share/tor/tor-service-defaults-torrc 
  /usr/share/tor/tor-service-defaults-torrc:CookieAuthentication 1
  /usr/share/tor/tor-service-defaults-torrc:CookieAuthFileGroupReadable 1
  /usr/share/tor/tor-service-defaults-torrc:CookieAuthFile /var/run/tor/control.authcookie

Child Tickets

Change History (9)

comment:1 Changed 6 years ago by intrigeri

FTR: reported as https://bugs.debian.org/758112 too.

comment:2 Changed 6 years ago by arma

I would guess commit 33c3e60a37 is to blame here

comment:3 Changed 6 years ago by arma

-#ifndef _WIN32
-  if (get_options()->CookieAuthFileGroupReadable) {
-    if (chmod(fname, 0640)) {
-      log_warn(LD_FS,"Unable to make %s group-readable.", escaped(fname));
-    }
-  }
-#endif

it just vanishes from the code, not getting moved anywhere else?

comment:4 Changed 6 years ago by arma

Cc: asn added
Milestone: Tor: 0.2.5.x-final

comment:5 Changed 6 years ago by nickm

Keywords: tor-client regression added
Priority: normalmajor

comment:6 Changed 6 years ago by nickm

Status: newneeds_review

The obvious fix and a couple of other cleanups are in my branch "bug12864_025". Please review?

comment:7 in reply to:  6 Changed 6 years ago by asn

Replying to nickm:

The obvious fix and a couple of other cleanups are in my branch "bug12864_025". Please review?

Looks good to me. Code is nice and clean. Both features (controlport + extorport) worked in my testing.

I made some documentation fixes in my branch nickm-bug12864_025:
https://gitweb.torproject.org/user/asn/tor.git/commitdiff/112c984f9242699d273f3096d669eb1024d7f64b
Feel free to apply.

Thanks for fixing this :)

comment:8 Changed 6 years ago by nickm

Resolution: fixed
Status: needs_reviewclosed

Looks good; merged that. Thanks!

comment:9 in reply to:  8 Changed 6 years ago by intrigeri

Replying to nickm:

Looks good; merged that. Thanks!

Thanks a lot for the fast response!

Note: See TracTickets for help on using tickets.