aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/control/interfaces/stroke_interface.c
diff options
context:
space:
mode:
authorMartin Willi <martin@strongswan.org>2007-09-26 14:02:21 +0000
committerMartin Willi <martin@strongswan.org>2007-09-26 14:02:21 +0000
commitc295d0eb4b11a024d1607f6a80275f372c345c08 (patch)
treeec3b578e771898bbf3ca35c1ae43e77ffdcea9d9 /src/charon/control/interfaces/stroke_interface.c
parenta9522e16003dd9f9fc7dc998a9017dbb41a65273 (diff)
downloadstrongswan-c295d0eb4b11a024d1607f6a80275f372c345c08.tar.bz2
strongswan-c295d0eb4b11a024d1607f6a80275f372c345c08.tar.xz
refactored strongswan manager
removed buggy request parsing code, use ClearSilvers CGI kit instead fixed CHILD_SA listing in manager (needs better design) using secure XML communication through unix sockets removed images with questionable (non-GPL) license
Diffstat (limited to 'src/charon/control/interfaces/stroke_interface.c')
-rwxr-xr-xsrc/charon/control/interfaces/stroke_interface.c7
1 files changed, 6 insertions, 1 deletions
diff --git a/src/charon/control/interfaces/stroke_interface.c b/src/charon/control/interfaces/stroke_interface.c
index 74bfa1aec..3ab6b5700 100755
--- a/src/charon/control/interfaces/stroke_interface.c
+++ b/src/charon/control/interfaces/stroke_interface.c
@@ -1698,7 +1698,7 @@ interface_t *interface_create()
return NULL;
}
- old = umask(~S_IRWXU);
+ old = umask(~(S_IRWXU | S_IRWXG));
if (bind(this->socket, (struct sockaddr *)&socket_addr, sizeof(socket_addr)) < 0)
{
DBG1(DBG_CFG, "could not bind stroke socket: %s", strerror(errno));
@@ -1707,6 +1707,11 @@ interface_t *interface_create()
return NULL;
}
umask(old);
+ if (chown(socket_addr.sun_path, IPSEC_UID, IPSEC_GID) != 0)
+ {
+ DBG1(DBG_CFG, "changing stroke socket permissions failed: %s",
+ strerror(errno));
+ }
if (listen(this->socket, 0) < 0)
{
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-19 16:42:24 +0000