exchange

Base system with REST service to issue digital coins, run by the payment service provider
Log | Files | Refs | Submodules | README | LICENSE
commit 07bcff123f7ee750bb0fc6d0008467f51d7e3b0d
parent 99cbc5fbe260b921e8aa47e4c5e6941bf6e49b87
Author: Florian Dold <florian@dold.me>
Date:   Wed,  4 Aug 2021 20:00:31 +0200

call chmod on client socket path, not client socket directory

Diffstat:

Mdebian/etc-taler-exchange/taler/conf.d/exchange-system.conf | 1-


Msrc/util/crypto_helper_denom.c | 23++++++++++++++++-------


Msrc/util/crypto_helper_esign.c | 24+++++++++++++++++-------


3 files changed, 33 insertions(+), 15 deletions(-)

diff --git a/debian/etc-taler-exchange/taler/conf.d/exchange-system.conf b/debian/etc-taler-exchange/taler/conf.d/exchange-system.conf
@@ -2,7 +2,6 @@
 
 # Read secret sections into configuration, but only
 # if we have permission to do so.
-@inline-secret@ exchange-account-1 ../secrets/exchange-accounts.secret.conf
 @inline-secret@ exchangedb-postgres ../secrets/exchange-db.secret.conf
 
 [exchange]
diff --git a/src/util/crypto_helper_denom.c b/src/util/crypto_helper_denom.c
@@ -142,14 +142,23 @@ try_connect (struct TALER_CRYPTO_DenominationHelper *dh)
     GNUNET_free (tmpdir);
     return;
   }
-  /* Fix permissions on UNIX domain socket, just
-     in case umask() is not set to enable group write */
-  if (0 != chmod (tmpdir,
-                  S_IRUSR | S_IWUSR | S_IWGRP))
+  /* Fix permissions on client UNIX domain socket,
+     just in case umask() is not set to enable group write */
   {
-    GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
-                              "chmod",
-                              tmpdir);
+    char path[sizeof (dh->my_sa) + 1];
+
+    strncpy (path,
+             (const char *) &dh->my_sa,
+             sizeof (dh->my_sa));
+    path[sizeof (dh->my_sa)] = '\0';
+
+    if (0 != chmod (path,
+                    S_IRUSR | S_IWUSR | S_IWGRP))
+    {
+      GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
+                                "chmod",
+                                path);
+    }
   }
   GNUNET_free (tmpdir);
   {
diff --git a/src/util/crypto_helper_esign.c b/src/util/crypto_helper_esign.c
@@ -143,15 +143,25 @@ try_connect (struct TALER_CRYPTO_ExchangeSignHelper *esh)
     GNUNET_free (tmpdir);
     return;
   }
-  /* Fix permissions on UNIX domain socket, just
-     in case umask() is not set to enable group write */
-  if (0 != chmod (tmpdir,
-                  S_IRUSR | S_IWUSR | S_IWGRP))
+  /* Fix permissions on client UNIX domain socket,
+     just in case umask() is not set to enable group write */
   {
-    GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
-                              "chmod",
-                              tmpdir);
+    char path[sizeof (esh->my_sa) + 1];
+
+    strncpy (path,
+             (const char *) &esh->my_sa,
+             sizeof (esh->my_sa));
+    path[sizeof (esh->my_sa)] = '\0';
+
+    if (0 != chmod (path,
+                    S_IRUSR | S_IWUSR | S_IWGRP))
+    {
+      GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
+                                "chmod",
+                                path);
+    }
   }
+
   GNUNET_free (tmpdir);
   {
     struct GNUNET_MessageHeader hdr = {