taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

call chmod on client socket path, not client socket directory

Browse Source
This commit is contained in:
Florian Dold 2021-08-04 20:00:31 +02:00
parent 99cbc5fbe2
commit 07bcff123f
No known key found for this signature in database
GPG Key ID: D2E4F00F29D02A4B
3 changed files with 33 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
debian/etc-taler-exchange/taler/conf.d/exchange-system.conf vendored
View File

@ -2,7 +2,6 @@
# Read secret sections into configuration, but only # Read secret sections into configuration, but only
# if we have permission to do so. # if we have permission to do so.
@inline-secret@ exchange-account-1 ../secrets/exchange-accounts.secret.conf
@inline-secret@ exchangedb-postgres ../secrets/exchange-db.secret.conf @inline-secret@ exchangedb-postgres ../secrets/exchange-db.secret.conf
[exchange] [exchange]

17
src/util/crypto_helper_denom.c
View File

@ -142,14 +142,23 @@ try_connect (struct TALER_CRYPTO_DenominationHelper *dh)
GNUNET_free (tmpdir); GNUNET_free (tmpdir);
return; return;
} }
/* Fix permissions on UNIX domain socket, just /* Fix permissions on client UNIX domain socket,
in case umask() is not set to enable group write */ just in case umask() is not set to enable group write */
if (0 != chmod (tmpdir, {
char path[sizeof (dh->my_sa) + 1];
strncpy (path,
(const char *) &dh->my_sa,
sizeof (dh->my_sa));
path[sizeof (dh->my_sa)] = '\0';
if (0 != chmod (path,
S_IRUSR | S_IWUSR | S_IWGRP)) S_IRUSR | S_IWUSR | S_IWGRP))
{ {
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"chmod", "chmod",
tmpdir); path);
}
} }
GNUNET_free (tmpdir); GNUNET_free (tmpdir);
{ {

18
src/util/crypto_helper_esign.c
View File

@ -143,15 +143,25 @@ try_connect (struct TALER_CRYPTO_ExchangeSignHelper *esh)
GNUNET_free (tmpdir); GNUNET_free (tmpdir);
return; return;
} }
/* Fix permissions on UNIX domain socket, just /* Fix permissions on client UNIX domain socket,
in case umask() is not set to enable group write */ just in case umask() is not set to enable group write */
if (0 != chmod (tmpdir, {
char path[sizeof (esh->my_sa) + 1];
strncpy (path,
(const char *) &esh->my_sa,
sizeof (esh->my_sa));
path[sizeof (esh->my_sa)] = '\0';
if (0 != chmod (path,
S_IRUSR | S_IWUSR | S_IWGRP)) S_IRUSR | S_IWUSR | S_IWGRP))
{ {
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING, GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"chmod", "chmod",
tmpdir); path);
} }
}
GNUNET_free (tmpdir); GNUNET_free (tmpdir);
{ {
struct GNUNET_MessageHeader hdr = { struct GNUNET_MessageHeader hdr = {