diff --git a/debian/etc-taler-exchange/taler/conf.d/exchange-system.conf b/debian/etc-taler-exchange/taler/conf.d/exchange-system.conf index 7fb65d983..75c670f71 100644 --- a/debian/etc-taler-exchange/taler/conf.d/exchange-system.conf +++ b/debian/etc-taler-exchange/taler/conf.d/exchange-system.conf @@ -2,7 +2,6 @@ # Read secret sections into configuration, but only # if we have permission to do so. -@inline-secret@ exchange-account-1 ../secrets/exchange-accounts.secret.conf @inline-secret@ exchangedb-postgres ../secrets/exchange-db.secret.conf [exchange] diff --git a/src/util/crypto_helper_denom.c b/src/util/crypto_helper_denom.c index 2cc140c8e..243dd2963 100644 --- a/src/util/crypto_helper_denom.c +++ b/src/util/crypto_helper_denom.c @@ -142,14 +142,23 @@ try_connect (struct TALER_CRYPTO_DenominationHelper *dh) GNUNET_free (tmpdir); return; } - /* Fix permissions on UNIX domain socket, just - in case umask() is not set to enable group write */ - if (0 != chmod (tmpdir, - S_IRUSR | S_IWUSR | S_IWGRP)) + /* Fix permissions on client UNIX domain socket, + just in case umask() is not set to enable group write */ { - GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, - "chmod", - tmpdir); + char path[sizeof (dh->my_sa) + 1]; + + strncpy (path, + (const char *) &dh->my_sa, + sizeof (dh->my_sa)); + path[sizeof (dh->my_sa)] = '\0'; + + if (0 != chmod (path, + S_IRUSR | S_IWUSR | S_IWGRP)) + { + GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, + "chmod", + path); + } } GNUNET_free (tmpdir); { diff --git a/src/util/crypto_helper_esign.c b/src/util/crypto_helper_esign.c index d5baa9348..1234ba4a5 100644 --- a/src/util/crypto_helper_esign.c +++ b/src/util/crypto_helper_esign.c @@ -143,15 +143,25 @@ try_connect (struct TALER_CRYPTO_ExchangeSignHelper *esh) GNUNET_free (tmpdir); return; } - /* Fix permissions on UNIX domain socket, just - in case umask() is not set to enable group write */ - if (0 != chmod (tmpdir, - S_IRUSR | S_IWUSR | S_IWGRP)) + /* Fix permissions on client UNIX domain socket, + just in case umask() is not set to enable group write */ { - GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, - "chmod", - tmpdir); + char path[sizeof (esh->my_sa) + 1]; + + strncpy (path, + (const char *) &esh->my_sa, + sizeof (esh->my_sa)); + path[sizeof (esh->my_sa)] = '\0'; + + if (0 != chmod (path, + S_IRUSR | S_IWUSR | S_IWGRP)) + { + GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, + "chmod", + path); + } } + GNUNET_free (tmpdir); { struct GNUNET_MessageHeader hdr = {