From baa58daace392eee68f8ff82841631e9114c9918 Mon Sep 17 00:00:00 2001
From: Nick Mathewson
Date: Wed, 18 May 2022 11:52:17 -0400
Subject: [PATCH] fs-mistrust: rename fields
This renaming will make things slightly simpler for declaring a builder.
---
 crates/fs-mistrust/src/imp.rs | 8 ++++----
 crates/fs-mistrust/src/lib.rs | 22 +++++++++++-----------
 2 files changed, 15 insertions(+), 15 deletions(-)
diff --git a/crates/fs-mistrust/src/imp.rs b/crates/fs-mistrust/src/imp.rs
index d960d4d4f..1b824f867 100644
--- a/crates/fs-mistrust/src/imp.rs
+++ b/crates/fs-mistrust/src/imp.rs
@@ -42,7 +42,7 @@ impl<'a> super::Verifier<'a> {
 // to the code. It's not urgent, since the allocations won't cost much
 // compared to the filesystem access.
 pub(crate) fn check_errors(&self, path: &Path) -> impl Iterator + '_ {
- if self.mistrust.disable_ownership_and_permission_checks {
+ if self.mistrust.dangerously_trust_everyone {
 // We don't want to walk the path in this case at all: we'll just
 // look at the last element.
@@ -88,7 +88,7 @@ impl<'a> super::Verifier<'a> {
 pub(crate) fn check_content_errors(&self, path: &Path) -> impl Iterator + '_ {
 use std::sync::Arc;
- if !self.check_contents || self.mistrust.disable_ownership_and_permission_checks {
+ if !self.check_contents || self.mistrust.dangerously_trust_everyone {
 return boxed(std::iter::empty());
 }
@@ -179,7 +179,7 @@ impl<'a> super::Verifier<'a> {
 // about a directory, the owner cah change the permissions and owner
 // of anything in the directory.)
 let uid = meta.uid();
- if uid != 0 && Some(uid) != self.mistrust.trust_uid {
+ if uid != 0 && Some(uid) != self.mistrust.trust_user {
 errors.push(Error::BadOwner(path.into(), uid));
 }
 let mut forbidden_bits = if !self.readable_okay && path_type == PathType::Final {
@@ -211,7 +211,7 @@ impl<'a> super::Verifier<'a> {
 }
 };
 // If we trust the GID, then we allow even more bits to be set.
- if self.mistrust.trust_gid == Some(meta.gid()) {
+ if self.mistrust.trust_group == Some(meta.gid()) {
 forbidden_bits &= !0o070;
 }
 let bad_bits = meta.mode() & forbidden_bits;
diff --git a/crates/fs-mistrust/src/lib.rs b/crates/fs-mistrust/src/lib.rs
index d1ed1529a..1caaa15cd 100644
--- a/crates/fs-mistrust/src/lib.rs
+++ b/crates/fs-mistrust/src/lib.rs
@@ -320,26 +320,26 @@ pub struct Mistrust {
 ignore_prefix: Option,
 /// Are we configured to enable all permission and ownership tests?
- disable_ownership_and_permission_checks: bool,
+ dangerously_trust_everyone: bool,
 /// What user ID do we trust by default (if any?)
 #[cfg(target_family = "unix")]
- trust_uid: Option,
+ trust_user: Option,
 /// What group ID do we trust by default (if any?)
 #[cfg(target_family = "unix")]
- trust_gid: Option,
+ trust_group: Option,
 }
 impl Default for Mistrust {
 fn default() -> Self {
 Self {
 ignore_prefix: None,
- disable_ownership_and_permission_checks: false,
+ dangerously_trust_everyone: false,
 #[cfg(target_family = "unix")]
- trust_uid: Some(unsafe { libc::getuid() }),
+ trust_user: Some(unsafe { libc::getuid() }),
 #[cfg(target_family = "unix")]
- trust_gid: user::get_self_named_gid(),
+ trust_group: user::get_self_named_gid(),
 }
 }
 }
@@ -420,8 +420,8 @@ impl Mistrust {
 /// This option disables the default group-trust behavior as well.
 #[cfg(target_family = "unix")]
 pub fn trust_admin_only(&mut self) -> &mut Self {
- self.trust_uid = None;
- self.trust_gid = None;
+ self.trust_user = None;
+ self.trust_group = None;
 self
 }
@@ -435,7 +435,7 @@ impl Mistrust {
 /// world-writable objects respectively.
 #[cfg(target_family = "unix")]
 pub fn trust_no_group_id(&mut self) -> &mut Self {
- self.trust_gid = None;
+ self.trust_group = None;
 self
 }
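Review bot: The doc comment left above the renamed `dangerously_trust_everyone` field in `struct Mistrust` (lib.rs, hunk at -320) now reads as the opposite of the flag: it asks whether all permission and ownership tests are enabled, while the imp.rs hunks show `check_content_errors` returning an empty iterator and `check_errors` looking only at the last path element when the field is true. I would reword it to `/// Are ownership and permission checks disabled? Set by dangerously_trust_everyone().` so that a later builder or config declaration is not written against the inverted meaning. In the same hunk, `Some(unsafe { libc::getuid() })` in `Default::default` carries no `// SAFETY:` comment; `// SAFETY: getuid() takes no arguments and is specified to always succeed.` would record why the block is sound.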
@@ -451,7 +451,7 @@ impl Mistrust {
 /// Anybody who is a member (or becomes a member) of the provided group will
 /// be allowed to read and modify the verified files.
 pub fn trust_group_id(&mut self, gid: u32) -> &mut Self {
- self.trust_gid = Some(gid);
+ self.trust_group = Some(gid);
 self
 }
@@ -466,7 +466,7 @@ impl Mistrust {
 /// implement separate code paths for the "checking on" and "checking off"
 /// cases.
 pub fn dangerously_trust_everyone(&mut self) -> &mut Self {
- self.disable_ownership_and_permission_checks = true;
+ self.dangerously_trust_everyone = true;
 self
 }
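Review bot: `trust_group_id` (hunk at -451) assigns `self.trust_group`, but that field is declared under `#[cfg(target_family = "unix")]` in `struct Mistrust`, and no matching attribute is visible between the doc comment and the `pub fn` line here, unlike `trust_admin_only` and `trust_no_group_id`. Unless the attribute sits above the doc comment, outside the hunk, this method would fail to compile on non-Unix targets. Adding `#[cfg(target_family = "unix")]` directly above `pub fn trust_group_id` would match its siblings. The doc comment for this method starts outside the hunk.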