add $cookie_authentication, $cookie_auth_file and $cookie_auth_file_group_readable variables

2 files changed, 20 insertions, 3 deletions

diff --git a/manifests/daemon.pp b/manifests/daemon.pp
index 5150c96..8f6d80d 100644
--- a/manifests/daemon.pp
+++ b/manifests/daemon.pp
@@ -123,13 +123,20 @@ class tor::daemon inherits tor {
   } 
 
   # control definition
-  define control( $port                    = 0,
-                  $hashed_control_password = '',
+  define control( $port                            = 0,
+                  $hashed_control_password         = '',
+                  $cookie_authentication           = 0,
+                  $cookie_auth_file                = '',
+                  $cookie_auth_file_group_readable = '',
                   $ensure                  = present ) {
 
-    if $hashed_control_password == '' and $ensure != 'absent' {
+    if $cookie_authentication == '0' and $hashed_control_password == '' and $ensure != 'absent' {
       fail("You need to define the tor control password")
     }
+
+    if $cookie_authentication == 0 and ($cookie_auth_file != '' or $cookie_auth_file_group_readable != '') {
+      notice("You set a tor cookie authentication option, but do not have cookie_authentication on")
+    }
     
     concatenated_file_part { '04.control':
       dir     => $tor::daemon::snippet_dir,
diff --git a/templates/torrc.control.erb b/templates/torrc.control.erb
index df9513a..7e10d4d 100644
--- a/templates/torrc.control.erb
+++ b/templates/torrc.control.erb
@@ -1,6 +1,16 @@
 # tor controller
 <%- if port != '0' then -%>
 ControlPort <%= port %>
+<%- if cookie_authentication != '0' then -%>
+CookieAuthentication 1
+<%- if cookie_auth_file != '' then -%>
+CookieAuthFile <%= cookie_auth_file %>
+<%- end -%>
+<%- if cookie_auth_file_group_readable != '' then -%>
+CookieAuthFileGroupReadable <%= cookie_auth_file_group_readable %>
+<%- end -%>
+<%- else %->
 HashedControlPassword <%= hashed_control_password %>
 <%- end -%>
+<%- end -%>