diff options
| author | Nick Mathewson <nickm@torproject.org> | 2014-04-16 21:57:45 -0400 |
|---|---|---|
| committer | Nick Mathewson <nickm@torproject.org> | 2014-04-16 22:03:18 -0400 |
| commit | 2ae47d3c3ad7121b3ebfa8aa47cd67336218163e (patch) | |
| tree | 86c587198e57b021784c1c6a64f42f6b31a420e7 | |
| parent | f70cf9982ae3b0e57ca62612988478906707567f (diff) | |
| download | tor-2ae47d3c3ad7121b3ebfa8aa47cd67336218163e.tar tor-2ae47d3c3ad7121b3ebfa8aa47cd67336218163e.tar.gz | |
Block certain option transitions while sandbox enabled
| -rw-r--r-- | src/or/config.c | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/src/or/config.c b/src/or/config.c index 77dcd1660..b686b6606 100644 --- a/src/or/config.c +++ b/src/or/config.c @@ -3584,6 +3584,12 @@ options_transition_allowed(const or_options_t *old, return -1; } + if (old->Sandbox != new_val->Sandbox) { + *msg = tor_strdup("While Tor is running, changing Sandbox " + "is not allowed."); + return -1; + } + if (strcmp(old->DataDirectory,new_val->DataDirectory)!=0) { tor_asprintf(msg, "While Tor is running, changing DataDirectory " @@ -3636,6 +3642,32 @@ options_transition_allowed(const or_options_t *old, return -1; } + if (sandbox_is_active()) { + if (! opt_streq(old->PidFile, new_val->PidFile)) { + *msg = tor_strdup("Can't change PidFile while Sandbox is active"); + return -1; + } + if (! config_lines_eq(old->Logs, new_val->Logs)) { + *msg = tor_strdup("Can't change Logs while Sandbox is active"); + return -1; + } + if (old->ConnLimit != new_val->ConnLimit) { + *msg = tor_strdup("Can't change ConnLimit while Sandbox is active"); + return -1; + } + if (! opt_streq(old->ServerDNSResolvConfFile, + new_val->ServerDNSResolvConfFile)) { + *msg = tor_strdup("Can't change ServerDNSResolvConfFile" + " while Sandbox is active"); + return -1; + } + if (server_mode(old) != server_mode(new_val)) { + *msg = tor_strdup("Can't start/stop being a server while " + "Sandbox is active"); + return -1; + } + } + return 0; } |