taler/exchange
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

add chmod() to set client unix domain socket to group writable regardless of umask

Browse Source
This commit is contained in:
Christian Grothoff 2021-01-06 10:22:49 +01:00
parent dc570d0c06
commit 09d6ee75fe
No known key found for this signature in database
GPG Key ID: 939E6BE1E29FC3CC
2 changed files with 89 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

80
src/util/crypto_helper_denom.c
View File

@ -92,6 +92,8 @@ do_disconnect (struct TALER_CRYPTO_DenominationHelper *dh)
static void
try_connect (struct TALER_CRYPTO_DenominationHelper *dh)
{
char *tmpdir;
if (-1 != dh->sock)
return;
dh->sock = socket (AF_UNIX,
@ -103,46 +105,53 @@ try_connect (struct TALER_CRYPTO_DenominationHelper *dh)
"socket");
return;
}
tmpdir = GNUNET_DISK_mktemp (dh->template);
if (NULL == tmpdir)
{
char *tmpdir;
tmpdir = GNUNET_DISK_mktemp (dh->template);
if (NULL == tmpdir)
{
do_disconnect (dh);
return;
}
/* we use >= here because we want the sun_path to always
be 0-terminated */
if (strlen (tmpdir) >= sizeof (dh->sa.sun_path))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"PATHS",
"TALER_RUNTIME_DIR",
"path too long");
GNUNET_free (tmpdir);
do_disconnect (dh);
return;
}
dh->my_sa.sun_family = AF_UNIX;
strncpy (dh->my_sa.sun_path,
tmpdir,
sizeof (dh->sa.sun_path));
if (0 != unlink (tmpdir))
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"unlink",
tmpdir);
GNUNET_free (tmpdir);
do_disconnect (dh);
return;
}
/* we use >= here because we want the sun_path to always
be 0-terminated */
if (strlen (tmpdir) >= sizeof (dh->sa.sun_path))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"PATHS",
"TALER_RUNTIME_DIR",
"path too long");
GNUNET_free (tmpdir);
do_disconnect (dh);
return;
}
dh->my_sa.sun_family = AF_UNIX;
strncpy (dh->my_sa.sun_path,
tmpdir,
sizeof (dh->sa.sun_path));
if (0 != unlink (tmpdir))
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"unlink",
tmpdir);
if (0 != bind (dh->sock,
(const struct sockaddr *) &dh->my_sa,
sizeof (dh->my_sa)))
{
GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
"bind");
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"bind",
tmpdir);
do_disconnect (dh);
GNUNET_free (tmpdir);
return;
}
/* Fix permissions on UNIX domain socket, just
in case umask() is not set to enable group write */
if (0 != chmod (tmpdir,
S_IRUSR | S_IWUSR | S_IWGRP))
{
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"chmod",
tmpdir);
}
GNUNET_free (tmpdir);
{
struct GNUNET_MessageHeader hdr = {
.size = htons (sizeof (hdr)),
@ -242,6 +251,15 @@ TALER_CRYPTO_helper_denom_connect (
return NULL;
}
dh->template = template;
if (strlen (template) >= sizeof (dh->sa.sun_path))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"PATHS",
"TALER_RUNTIME_DIR",
"path too long");
TALER_CRYPTO_helper_denom_disconnect (dh);
return NULL;
}
}
TALER_CRYPTO_helper_denom_poll (dh);
return dh;

71
src/util/crypto_helper_esign.c
View File

@ -93,6 +93,8 @@ do_disconnect (struct TALER_CRYPTO_ExchangeSignHelper *esh)
static void
try_connect (struct TALER_CRYPTO_ExchangeSignHelper *esh)
{
char *tmpdir;
if (-1 != esh->sock)
return;
esh->sock = socket (AF_UNIX,
@ -104,46 +106,53 @@ try_connect (struct TALER_CRYPTO_ExchangeSignHelper *esh)
"socket");
return;
}
tmpdir = GNUNET_DISK_mktemp (esh->template);
if (NULL == tmpdir)
{
char *tmpdir;
tmpdir = GNUNET_DISK_mktemp (esh->template);
if (NULL == tmpdir)
{
do_disconnect (esh);
return;
}
/* we use >= here because we want the sun_path to always
be 0-terminated */
if (strlen (tmpdir) >= sizeof (esh->sa.sun_path))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"PATHS",
"TALER_RUNTIME_DIR",
"path too long");
GNUNET_free (tmpdir);
do_disconnect (esh);
return;
}
esh->my_sa.sun_family = AF_UNIX;
strncpy (esh->my_sa.sun_path,
tmpdir,
sizeof (esh->sa.sun_path));
if (0 != unlink (tmpdir))
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"unlink",
tmpdir);
GNUNET_free (tmpdir);
do_disconnect (esh);
return;
}
/* we use >= here because we want the sun_path to always
be 0-terminated */
if (strlen (tmpdir) >= sizeof (esh->sa.sun_path))
{
GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR,
"PATHS",
"TALER_RUNTIME_DIR",
"path too long");
GNUNET_free (tmpdir);
do_disconnect (esh);
return;
}
esh->my_sa.sun_family = AF_UNIX;
strncpy (esh->my_sa.sun_path,
tmpdir,
sizeof (esh->sa.sun_path));
if (0 != unlink (tmpdir))
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"unlink",
tmpdir);
if (0 != bind (esh->sock,
(const struct sockaddr *) &esh->my_sa,
sizeof (esh->my_sa)))
{
GNUNET_log_strerror (GNUNET_ERROR_TYPE_WARNING,
"bind");
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"bind",
tmpdir);
do_disconnect (esh);
GNUNET_free (tmpdir);
return;
}
/* Fix permissions on UNIX domain socket, just
in case umask() is not set to enable group write */
if (0 != chmod (tmpdir,
S_IRUSR | S_IWUSR | S_IWGRP))
{
GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
"chmod",
tmpdir);
}
GNUNET_free (tmpdir);
{
struct GNUNET_MessageHeader hdr = {
.size = htons (sizeof (hdr)),