From 423565e74b71e4ab0a68fa29dfaff3b640e6bb96 Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Mon, 25 Apr 2016 13:47:59 +0200 Subject: [PATCH 01/15] fix CURRENCY section in test case --- src/wire/test_sepa_wireformat.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/wire/test_sepa_wireformat.c b/src/wire/test_sepa_wireformat.c index cd31a971c..032874cf3 100644 --- a/src/wire/test_sepa_wireformat.c +++ b/src/wire/test_sepa_wireformat.c @@ -77,7 +77,7 @@ main(int argc, NULL); cfg = GNUNET_CONFIGURATION_create (); GNUNET_CONFIGURATION_set_value_string (cfg, - "exchange", + "taler", "currency", "EUR"); plugin = TALER_WIRE_plugin_load (cfg, From c2c2b92ed489dfdc856a6e683564e10ef539a12d Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Mon, 25 Apr 2016 16:05:30 +0200 Subject: [PATCH 02/15] implement serving exchange via unix domain sockets --- src/exchange/exchange.conf | 8 + src/exchange/taler-exchange-httpd.c | 230 ++++++++++++++++++++++++---- 2 files changed, 208 insertions(+), 30 deletions(-) diff --git a/src/exchange/exchange.conf b/src/exchange/exchange.conf index 96322d6a2..f0cd424ae 100644 --- a/src/exchange/exchange.conf +++ b/src/exchange/exchange.conf @@ -11,6 +11,13 @@ KEYDIR = ${TALER_DATA_HOME}/exchange/live-keys/ # the actual coin operations. # WIREFORMAT = test +# serve via tcp socket (on PORT) +SERVE = tcp + +# Unix domain socket to listen on, +# only effective with "SERVE = unix" +UNIXPATH = ${TALER_SOCKET_DIR}/exchange + # HTTP port the exchange listens to # PORT = 8081 @@ -25,3 +32,4 @@ DB = postgres # Where do we store the offline master private key of the exchange? MASTER_PRIV_FILE = ${TALER_DATA_HOME}/exchange/offline-keys/master.priv + diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index 6efb1492e..9a687cd57 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c 
@@ -42,6 +42,13 @@ #include "taler_exchangedb_plugin.h" #include "taler-exchange-httpd_validation.h" + +/** + * Backlog for listen operation on unix + * domain sockets. + */ +#define UNIX_BACKLOG 500 + /** * Which currency is used by this exchange? */ @@ -93,6 +100,12 @@ static struct MHD_Daemon *mydaemon; */ static uint16_t serve_port; +/** + * Path for the unix domain socket + * to run the daemon on. + */ +static char *serve_unixpath; + /** * Function called whenever MHD is done with a request. If the 
@@ -453,30 +466,84 @@ exchange_serve_process_config () GNUNET_YES); } - if (GNUNET_OK != - GNUNET_CONFIGURATION_get_value_number (cfg, - "exchange", - "port", - &port)) { - GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, - "exchange", - "port", - "port number required"); - TMH_VALIDATION_done (); - return GNUNET_SYSERR; + const char *choices[] = {"tcp", "unix"}; + const char *serve_type; + + if (GNUNET_OK != + GNUNET_CONFIGURATION_get_value_choice (cfg, + "exchange", + "serve", + choices, + &serve_type)) + { + GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, + "exchange", + "serve", + "serve type required"); + TMH_VALIDATION_done (); + return GNUNET_SYSERR; + } + + if (0 == strcmp (serve_type, "tcp")) + { + if (GNUNET_OK != + GNUNET_CONFIGURATION_get_value_number (cfg, + "exchange", + "port", + &port)) + { + GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, + "exchange", + "port", + "port number required"); + TMH_VALIDATION_done (); + return GNUNET_SYSERR; + } + + if ( (0 == port) || + (port > UINT16_MAX) ) + { + fprintf (stderr, + "Invalid configuration (value out of range): %llu is not a valid port\n", + port); + TMH_VALIDATION_done (); + return GNUNET_SYSERR; + } + serve_port = (uint16_t) port; + } + else if (0 == strcmp (serve_type, "unix")) + { + struct sockaddr_un s_un; + if (GNUNET_OK != + GNUNET_CONFIGURATION_get_value_filename (cfg, + "exchange", + "unixpath", + &serve_unixpath)) + { + GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, + "exchange", + "unixpath", + "unixpath required"); + TMH_VALIDATION_done (); + return GNUNET_SYSERR; + } + + if (strlen (serve_unixpath) >= sizeof (s_un.sun_path)) + { + fprintf (stderr, + "Invalid configuration: unix path too long\n"); + TMH_VALIDATION_done (); + return GNUNET_SYSERR; + } + } + else + { + // not reached + GNUNET_assert (0); + } } - if ( (0 == port) || - (port > UINT16_MAX) ) - { - fprintf (stderr, - "Invalid configuration (value out of range): %llu is not a valid port\n", - port); - 
TMH_VALIDATION_done (); - return GNUNET_SYSERR; - } - serve_port = (uint16_t) port; return GNUNET_OK; } @@ -617,6 +684,63 @@ handle_mhd_logs (void *cls, } +/** + * Make a socket non-inheritable to child processes + * + * @param fd the socket to make non-inheritable + * @return #GNUNET_OK on success, #GNUNET_SYSERR otherwise + */ +static int +socket_set_inheritable (int fd) +{ + int i; + i = fcntl (fd, F_GETFD); + if (i < 0) + return GNUNET_SYSERR; + if (i == (i | FD_CLOEXEC)) + return GNUNET_OK; + i |= FD_CLOEXEC; + if (fcntl (fd, F_SETFD, i) < 0) + return GNUNET_SYSERR; + return GNUNET_OK; +} + + + +/** + * Set if a socket should use blocking or non-blocking IO. + * + * @param fd socket + * @param doBlock blocking mode + * @return #GNUNET_OK on success, #GNUNET_SYSERR on error + */ +int +socket_set_blocking (int fd, + int doBlock) +{ + int flags = fcntl (fd, F_GETFL); + if (flags == -1) + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + if (doBlock) + flags &= ~O_NONBLOCK; + + else + flags |= O_NONBLOCK; + if (0 != fcntl (fd, + F_SETFL, + flags)) + + { + GNUNET_break (0); + return GNUNET_SYSERR; + } + return GNUNET_OK; +} + + /** * The main function of the taler-exchange-httpd server ("the exchange"). * 
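Review bot: The `choices` array handed to `GNUNET_CONFIGURATION_get_value_choice` in the `@@ -453,30 +466,84 @@` hunk has no terminating `NULL`, and that function walks the list until it finds one. A `serve` value that is neither `tcp` nor `unix` therefore makes it read past the end of the array instead of returning an error. Declare it as `static const char *const choices[] = {"tcp", "unix", NULL};`. `exchange_serve_process_config` starts above the hunk.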
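Review bot: In the `@@ -617,6 +684,63 @@` hunk `socket_set_inheritable` sets `FD_CLOEXEC`, which makes the descriptor non-inheritable, so the name says the opposite of what the body and its own doc comment do. A name such as `socket_set_cloexec` would stop a later caller reading it the wrong way round. `socket_set_blocking` is also defined without `static` while its sibling has it, which gives a file-local helper external linkage.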
@@ -673,17 +797,63 @@ main (int argc, exchange_serve_process_config ()) return 1; - mydaemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_DEBUG, - serve_port, - NULL, NULL, - &handle_mhd_request, NULL, - MHD_OPTION_EXTERNAL_LOGGER, &handle_mhd_logs, NULL, - MHD_OPTION_NOTIFY_COMPLETED, &handle_mhd_completion_callback, NULL, - MHD_OPTION_CONNECTION_TIMEOUT, connection_timeout, + if (NULL != serve_unixpath) + { + int sock; + struct sockaddr_un *un; + + un = GNUNET_new (struct sockaddr_un); + un->sun_family = AF_UNIX; + sock = socket (AF_UNIX, SOCK_STREAM, 0); + if (-1 == sock) + { + GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, + "socket"); + return 1; + } + strncpy (un->sun_path, serve_unixpath, sizeof (un->sun_path) - 1); + socket_set_inheritable (sock); + socket_set_blocking (sock, GNUNET_NO); + GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Binding to unix-domain socket '%s'\n", serve_unixpath); + if (0 != bind (sock, un, sizeof (*un))) + { + GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, + "bind"); + return 1; + } + if (0 != listen (sock, UNIX_BACKLOG)) + { + GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, + "listen"); + return 1; + } + mydaemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_DEBUG, + 0, + NULL, NULL, + &handle_mhd_request, NULL, + MHD_OPTION_LISTEN_SOCKET, sock, + MHD_OPTION_EXTERNAL_LOGGER, &handle_mhd_logs, NULL, + MHD_OPTION_NOTIFY_COMPLETED, &handle_mhd_completion_callback, NULL, + MHD_OPTION_CONNECTION_TIMEOUT, connection_timeout, #if HAVE_DEVELOPER - MHD_OPTION_NOTIFY_CONNECTION, &connection_done, NULL, + MHD_OPTION_NOTIFY_CONNECTION, &connection_done, NULL, #endif - MHD_OPTION_END); + MHD_OPTION_END); + } + else + { + mydaemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_DEBUG, + serve_port, + NULL, NULL, + &handle_mhd_request, NULL, + MHD_OPTION_EXTERNAL_LOGGER, &handle_mhd_logs, NULL, + MHD_OPTION_NOTIFY_COMPLETED, &handle_mhd_completion_callback, NULL, + MHD_OPTION_CONNECTION_TIMEOUT, connection_timeout, +#if 
HAVE_DEVELOPER + MHD_OPTION_NOTIFY_CONNECTION, &connection_done, NULL, +#endif + MHD_OPTION_END); + } if (NULL == mydaemon) { From 57728835cf9caad0c4db5bd5df63d69a4003f7ca Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Mon, 25 Apr 2016 20:22:06 +0200 Subject: [PATCH 03/15] use GNUnet helpers --- src/exchange/exchange.conf | 1 + src/exchange/taler-exchange-httpd.c | 95 ++++++----------------------- 2 files changed, 21 insertions(+), 75 deletions(-) diff --git a/src/exchange/exchange.conf b/src/exchange/exchange.conf index f0cd424ae..674f86df2 100644 --- a/src/exchange/exchange.conf +++ b/src/exchange/exchange.conf @@ -17,6 +17,7 @@ SERVE = tcp # Unix domain socket to listen on, # only effective with "SERVE = unix" UNIXPATH = ${TALER_SOCKET_DIR}/exchange +# UNIXPATH_MODE = 660 # HTTP port the exchange listens to # PORT = 8081 diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index 9a687cd57..a4e71f753 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c 
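Review bot: The results of `socket_set_inheritable (sock)` and `socket_set_blocking (sock, GNUNET_NO)` are discarded in the unix branch of `main` (hunk `@@ -673,17 +797,63 @@`). A failed `fcntl` would leave the listen socket inheritable by child processes, or blocking, without any log line. Check both, e.g. `if (GNUNET_OK != socket_set_inheritable (sock)) { GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, "fcntl"); return 1; }`. `bind` is also passed a `struct sockaddr_un *` without a `(const struct sockaddr *)` cast, and the `bind`/`listen` failure paths return without closing `sock` or freeing `un`. `main` starts and ends outside the hunk.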
@@ -684,63 +684,6 @@ handle_mhd_logs (void *cls, } -/** - * Make a socket non-inheritable to child processes - * - * @param fd the socket to make non-inheritable - * @return #GNUNET_OK on success, #GNUNET_SYSERR otherwise - */ -static int -socket_set_inheritable (int fd) -{ - int i; - i = fcntl (fd, F_GETFD); - if (i < 0) - return GNUNET_SYSERR; - if (i == (i | FD_CLOEXEC)) - return GNUNET_OK; - i |= FD_CLOEXEC; - if (fcntl (fd, F_SETFD, i) < 0) - return GNUNET_SYSERR; - return GNUNET_OK; -} - - - -/** - * Set if a socket should use blocking or non-blocking IO. - * - * @param fd socket - * @param doBlock blocking mode - * @return #GNUNET_OK on success, #GNUNET_SYSERR on error - */ -int -socket_set_blocking (int fd, - int doBlock) -{ - int flags = fcntl (fd, F_GETFL); - if (flags == -1) - { - GNUNET_break (0); - return GNUNET_SYSERR; - } - if (doBlock) - flags &= ~O_NONBLOCK; - - else - flags |= O_NONBLOCK; - if (0 != fcntl (fd, - F_SETFL, - flags)) - - { - GNUNET_break (0); - return GNUNET_SYSERR; - } - return GNUNET_OK; -} - - /** * The main function of the taler-exchange-httpd server ("the exchange"). * 
@@ -799,39 +742,40 @@ main (int argc, if (NULL != serve_unixpath) { - int sock; + struct GNUNET_NETWORK_Handle *nh; struct sockaddr_un *un; + if (sizeof (un->sun_path) <= strlen (serve_unixpath)) + { + fprintf (stderr, "unixpath too long\n"); + return 1; + } + un = GNUNET_new (struct sockaddr_un); un->sun_family = AF_UNIX; - sock = socket (AF_UNIX, SOCK_STREAM, 0); - if (-1 == sock) - { - GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, - "socket"); - return 1; - } strncpy (un->sun_path, serve_unixpath, sizeof (un->sun_path) - 1); - socket_set_inheritable (sock); - socket_set_blocking (sock, GNUNET_NO); - GNUNET_log (GNUNET_ERROR_TYPE_INFO, "Binding to unix-domain socket '%s'\n", serve_unixpath); - if (0 != bind (sock, un, sizeof (*un))) + + if (NULL == (nh = GNUNET_NETWORK_socket_create (AF_UNIX, SOCK_STREAM, 0))) { - GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, - "bind"); + fprintf (stderr, "create failed for AF_UNIX\n"); return 1; } - if (0 != listen (sock, UNIX_BACKLOG)) + if (GNUNET_OK != GNUNET_NETWORK_socket_bind (nh, (void *) un, sizeof (struct sockaddr_un))) { - GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR, - "listen"); + fprintf (stderr, "bind failed for AF_UNIX\n"); return 1; } + if (GNUNET_OK != GNUNET_NETWORK_socket_listen (nh, UNIX_BACKLOG)) + { + fprintf (stderr, "listen failed for AF_UNIX\n"); + return 1; + } + mydaemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_DEBUG, 0, NULL, NULL, &handle_mhd_request, NULL, - MHD_OPTION_LISTEN_SOCKET, sock, + MHD_OPTION_LISTEN_SOCKET, GNUNET_NETWORK_get_fd (nh), MHD_OPTION_EXTERNAL_LOGGER, &handle_mhd_logs, NULL, MHD_OPTION_NOTIFY_COMPLETED, &handle_mhd_completion_callback, NULL, MHD_OPTION_CONNECTION_TIMEOUT, connection_timeout, @@ -839,6 +783,7 @@ main (int argc, MHD_OPTION_NOTIFY_CONNECTION, &connection_done, NULL, #endif MHD_OPTION_END); + GNUNET_NETWORK_socket_free_memory_only_ (nh); } else { From edd704fa739232f532e72fd01a15a5bd1535c827 Mon Sep 17 00:00:00 2001 
From: Florian Dold Date: Mon, 25 Apr 2016 20:25:05 +0200 Subject: [PATCH 04/15] precheck for UDS --- src/exchange/taler-exchange-httpd.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index a4e71f753..30de6e76e 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c @@ -755,6 +755,8 @@ main (int argc, un->sun_family = AF_UNIX; strncpy (un->sun_path, serve_unixpath, sizeof (un->sun_path) - 1); + GNUNET_NETWORK_unix_precheck (un); + if (NULL == (nh = GNUNET_NETWORK_socket_create (AF_UNIX, SOCK_STREAM, 0))) { fprintf (stderr, "create failed for AF_UNIX\n"); From 37266ffacde14c1e249968e861263f9e9b4e7acf Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Mon, 25 Apr 2016 20:36:47 +0200 Subject: [PATCH 05/15] socket permissions --- src/exchange/exchange.conf | 4 ++-- src/exchange/taler-exchange-httpd.c | 35 +++++++++++++++++++++++++++-- 2 files changed, 35 insertions(+), 4 deletions(-) diff --git a/src/exchange/exchange.conf b/src/exchange/exchange.conf index 674f86df2..7dffdd7fa 100644 --- a/src/exchange/exchange.conf +++ b/src/exchange/exchange.conf @@ -16,8 +16,8 @@ SERVE = tcp # Unix domain socket to listen on, # only effective with "SERVE = unix" -UNIXPATH = ${TALER_SOCKET_DIR}/exchange -# UNIXPATH_MODE = 660 +UNIXPATH = ${TALER_RUNTIME_DIR}/exchange.http +UNIXPATH_MODE = 660 # HTTP port the exchange listens to # PORT = 8081 diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index 30de6e76e..bf60cfd6e 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c 
@@ -101,11 +101,16 @@ static struct MHD_Daemon *mydaemon; static uint16_t serve_port; /** - * Path for the unix domain socket + * Path for the unix domain-socket * to run the daemon on. */ static char *serve_unixpath; +/** + * File mode for unix-domain socket. + */ +static mode_t unixpath_mode; + /** * Function called whenever MHD is done with a request. If the @@ -515,6 +520,8 @@ exchange_serve_process_config () else if (0 == strcmp (serve_type, "unix")) { struct sockaddr_un s_un; + unsigned long long mode; + if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename (cfg, "exchange", @@ -536,6 +543,21 @@ exchange_serve_process_config () TMH_VALIDATION_done (); return GNUNET_SYSERR; } + + if (GNUNET_OK != + GNUNET_CONFIGURATION_get_value_number (cfg, + "exchange", + "unixpath_mode", + &mode)) + { + GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, + "exchange", + "unixpath_mode", + "unixpath_mode required"); + TMH_VALIDATION_done (); + return GNUNET_SYSERR; + } + unixpath_mode = (mode_t) mode; } else { @@ -744,6 +766,7 @@ main (int argc, { struct GNUNET_NETWORK_Handle *nh; struct sockaddr_un *un; + int fh; if (sizeof (un->sun_path) <= strlen (serve_unixpath)) { @@ -773,11 +796,19 @@ main (int argc, return 1; } + fh = GNUNET_NETWORK_get_fd (nh); + + if (0 != fchmod (fh, unixpath_mode)) + { + fprintf (stderr, "chmod failed: %s\n", strerror (errno)); + return 1; + } + mydaemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_DEBUG, 0, NULL, NULL, &handle_mhd_request, NULL, - MHD_OPTION_LISTEN_SOCKET, GNUNET_NETWORK_get_fd (nh), + MHD_OPTION_LISTEN_SOCKET, fh, MHD_OPTION_EXTERNAL_LOGGER, &handle_mhd_logs, NULL, MHD_OPTION_NOTIFY_COMPLETED, &handle_mhd_completion_callback, NULL, MHD_OPTION_CONNECTION_TIMEOUT, connection_timeout, From 275296311f516d101186f211602b36056f387fa4 Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Mon, 25 Apr 2016 20:51:19 +0200 Subject: [PATCH 06/15] comment --- src/exchange/taler-exchange-httpd.c | 2 ++ 1 file changed, 2 insertions(+) 
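Review bot: In the `@@ -773,11 +796,19 @@` hunk the mode is applied only after the bind and listen calls above it have succeeded, so the socket node exists and queues connections under umask-derived permissions until `fchmod` runs. A local peer that connects in that window is served later regardless of `unixpath_mode`. Narrow the umask around the bind instead, `mode_t old = umask (~unixpath_mode & 0777);` before it and `umask (old);` after, or require the socket to live in a directory only the intended group can traverse. It is also worth confirming that `fchmod` on a socket descriptor changes the file system node on the target platforms, since that is not portable.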
diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index bf60cfd6e..549d63b21 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c @@ -820,6 +820,8 @@ main (int argc, } else { + // FIXME: refactor two calls to MHD_start_daemon + // into one, using an options array instead of varags mydaemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_DEBUG, serve_port, NULL, NULL, From 5b4d2ed1bed390ebd766ebffc2344cf587e241f6 Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Mon, 25 Apr 2016 21:17:16 +0200 Subject: [PATCH 07/15] octal --- src/exchange/taler-exchange-httpd.c | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index 549d63b21..33367ade2 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c @@ -520,6 +520,7 @@ exchange_serve_process_config () else if (0 == strcmp (serve_type, "unix")) { struct sockaddr_un s_un; + char *modestring; unsigned long long mode; if (GNUNET_OK != @@ -545,10 +546,10 @@ exchange_serve_process_config () } if (GNUNET_OK != - GNUNET_CONFIGURATION_get_value_number (cfg, + GNUNET_CONFIGURATION_get_value_string (cfg, "exchange", "unixpath_mode", - &mode)) + &modestring)) { GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, "exchange", @@ -557,7 +558,18 @@ exchange_serve_process_config () TMH_VALIDATION_done (); return GNUNET_SYSERR; } - unixpath_mode = (mode_t) mode; + errno = 0; + unixpath_mode = (mode_t) strtoul (modestring, NULL, 8); + if (0 != errno) + { + GNUNET_log_config_invalid (GNUNET_ERROR_TYPE_ERROR, + "exchange", + "unixpath_mode", + "unixpath_mode required"); + TMH_VALIDATION_done (); + return GNUNET_SYSERR; + } + } else { 
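Review bot: `strtoul (modestring, NULL, 8)` followed only by an `errno` test (hunk `@@ -557,7 +558,18 @@`) accepts malformed values silently: `rw` parses as 0 and `668` as 066, so a typo in `unixpath_mode` yields a socket mode the operator did not ask for. Pass an end pointer and range-check the result, `char *end; unsigned long m = strtoul (modestring, &end, 8);` followed by `if ((0 != errno) || (end == modestring) || ('\0' != *end) || (m > 07777))`. The failure text should then say that an octal file mode is expected rather than repeat `"unixpath_mode required"`, which is what a missing option already prints.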
@@ -803,6 +815,7 @@ main (int argc, fprintf (stderr, "chmod failed: %s\n", strerror (errno)); return 1; } + GNUNET_log (GNUNET_ERROR_TYPE_INFO, "set socket '%s' to mode %o", unixpath, unixpath_mode); mydaemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_DEBUG, 0, From 99f8434e5002b6c562b8ba6227dac788abf7615b Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Mon, 25 Apr 2016 21:18:00 +0200 Subject: [PATCH 08/15] typo --- src/exchange/taler-exchange-httpd.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index 33367ade2..b06a399ee 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c @@ -521,7 +521,6 @@ exchange_serve_process_config () { struct sockaddr_un s_un; char *modestring; - unsigned long long mode; if (GNUNET_OK != GNUNET_CONFIGURATION_get_value_filename (cfg, @@ -815,7 +814,7 @@ main (int argc, fprintf (stderr, "chmod failed: %s\n", strerror (errno)); return 1; } - GNUNET_log (GNUNET_ERROR_TYPE_INFO, "set socket '%s' to mode %o", unixpath, unixpath_mode); + GNUNET_log (GNUNET_ERROR_TYPE_INFO, "set socket '%s' to mode %o", serve_unixpath, unixpath_mode); mydaemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_DEBUG, 0, From 9488d7234763218ef28ee3bf0fd3a208a5c398de Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Mon, 25 Apr 2016 21:19:01 +0200 Subject: [PATCH 09/15] missing newline in log --- src/exchange/taler-exchange-httpd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index b06a399ee..4aff2bb42 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c 
@@ -814,7 +814,7 @@ main (int argc, fprintf (stderr, "chmod failed: %s\n", strerror (errno)); return 1; } - GNUNET_log (GNUNET_ERROR_TYPE_INFO, "set socket '%s' to mode %o", serve_unixpath, unixpath_mode); + GNUNET_log (GNUNET_ERROR_TYPE_INFO, "set socket '%s' to mode %o\n", serve_unixpath, unixpath_mode); mydaemon = MHD_start_daemon (MHD_USE_SELECT_INTERNALLY | MHD_USE_DEBUG, 0, From 4656f7f88359ad9bcaad41b2d0fa4cec7489baee Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Mon, 25 Apr 2016 21:23:08 +0200 Subject: [PATCH 10/15] missing free --- src/exchange/taler-exchange-httpd.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index 4aff2bb42..38d140fef 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c @@ -566,8 +566,10 @@ exchange_serve_process_config () "unixpath_mode", "unixpath_mode required"); TMH_VALIDATION_done (); + GNUNET_free (modestring); return GNUNET_SYSERR; } + GNUNET_free (modestring); } else From 34f9900f661773859c452bd7ca7b5913959ba80e Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Mon, 25 Apr 2016 21:30:13 +0200 Subject: [PATCH 11/15] chmod instead of fchmod --- src/exchange/taler-exchange-httpd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index 38d140fef..52847a1f0 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c @@ -811,7 +811,7 @@ main (int argc, fh = GNUNET_NETWORK_get_fd (nh); - if (0 != fchmod (fh, unixpath_mode)) + if (0 != chmod (unixpath, unixpath_mode)) { fprintf (stderr, "chmod failed: %s\n", strerror (errno)); return 1; From bf0ee981ff25022b39883d327582e027b8f8c17a Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Mon, 25 Apr 2016 21:30:54 +0200 Subject: [PATCH 12/15] typo --- src/exchange/taler-exchange-httpd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index 52847a1f0..b54f4bff1 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c @@ -811,7 +811,7 @@ main (int argc, fh = GNUNET_NETWORK_get_fd (nh); - if (0 != chmod (unixpath, unixpath_mode)) + if (0 != chmod (serve_unixpath, unixpath_mode)) { fprintf (stderr, "chmod failed: %s\n", strerror (errno)); return 1; From ad40c233907a8b1c707ab9ae476a3e6d66c7aa6c Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Tue, 26 Apr 2016 14:16:35 +0200 Subject: [PATCH 13/15] check_permissions for AF_UNIX --- src/exchange/taler-exchange-httpd_admin.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/src/exchange/taler-exchange-httpd_admin.c b/src/exchange/taler-exchange-httpd_admin.c index 29da2d441..6b28e9cc1 100644 --- a/src/exchange/taler-exchange-httpd_admin.c +++ b/src/exchange/taler-exchange-httpd_admin.c @@ -54,6 +54,9 @@ check_permissions (struct MHD_Connection *connection) addr = ci->client_addr; switch (addr->sa_family) { + case AF_UNIX: + /* We rely on file system permissions here */ + return GNUNET_YES; case AF_INET: { const struct sockaddr_in *sin = (const struct sockaddr_in *) addr; From d17629bf72d061ff24ba11c3c1a4de8276833d90 Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Tue, 26 Apr 2016 21:46:44 +0200 Subject: [PATCH 14/15] create directories --- src/exchange/taler-exchange-httpd.c | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index b54f4bff1..941cb1479 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c 
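Review bot: `case AF_UNIX: return GNUNET_YES;` in `check_permissions` passes every peer of the unix socket, so the admin decision rests entirely on `UNIXPATH_MODE`, the parent directory, and on nothing relaying outside traffic to that socket; a reverse proxy in the socket's group that forwards public requests would make every remote client pass this check. The comment should state that assumption, e.g. `/* Any process able to connect() is treated as admin; the socket must not be reachable through a proxy that serves untrusted clients */`. If that deployment has to be supported, checking the peer's uid with `SO_PEERCRED` where available, or serving admin requests on a separate socket, would keep admin access narrower than public access. `check_permissions` starts and ends outside the hunk.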
@@ -787,6 +787,17 @@ main (int argc, return 1; } + GNUNET_log (GNUNET_ERROR_TYPE_INFO, + "Creating listen socket '%s' with mode %o\n", + serve_unixpath, unixpath_mode); + + if (GNUNET_OK != GNUNET_DISK_directory_create_for_file (unixpath)) + { + GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, + "mkdir", + serve_unixpath); + } + un = GNUNET_new (struct sockaddr_un); un->sun_family = AF_UNIX; strncpy (un->sun_path, serve_unixpath, sizeof (un->sun_path) - 1); From e7e14f30091282723ea03274d83c43018d0633a1 Mon Sep 17 00:00:00 2001 From: Florian Dold Date: Tue, 26 Apr 2016 21:49:48 +0200 Subject: [PATCH 15/15] misspelt variable --- src/exchange/taler-exchange-httpd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/exchange/taler-exchange-httpd.c b/src/exchange/taler-exchange-httpd.c index 941cb1479..11f2e1c9d 100644 --- a/src/exchange/taler-exchange-httpd.c +++ b/src/exchange/taler-exchange-httpd.c @@ -791,7 +791,7 @@ main (int argc, "Creating listen socket '%s' with mode %o\n", serve_unixpath, unixpath_mode); - if (GNUNET_OK != GNUNET_DISK_directory_create_for_file (unixpath)) + if (GNUNET_OK != GNUNET_DISK_directory_create_for_file (serve_unixpath)) { GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR, "mkdir",
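Review bot: In the `@@ -787,6 +787,17 @@` hunk a failed `GNUNET_DISK_directory_create_for_file` is logged and then ignored, so startup carries on to a bind that is likely to fail with a less specific message; add `return 1;` after the `GNUNET_log_strerror_file` call. Access to the socket is governed by file system permissions, and the hunk sets no mode on a directory it creates. A comment next to the call should say that `unixpath_mode` covers only the socket node and that the directory's permissions are left to the helper and the umask.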