LCOV - code coverage report
Current view: top level - util - secmod_common.c (source / functions) Hit Total Coverage
Test: GNU Taler exchange coverage report Lines: 17 24 70.8 %
Date: 2021-08-30 06:43:37 Functions: 1 1 100.0 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /*
       2             :   This file is part of TALER
       3             :   Copyright (C) 2020 Taler Systems SA
       4             : 
       5             :   TALER is free software; you can redistribute it and/or modify it under the
       6             :   terms of the GNU General Public License as published by the Free Software
       7             :   Foundation; either version 3, or (at your option) any later version.
       8             : 
       9             :   TALER is distributed in the hope that it will be useful, but WITHOUT ANY
      10             :   WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
      11             :   A PARTICULAR PURPOSE.  See the GNU General Public License for more details.
      12             : 
      13             :   You should have received a copy of the GNU General Public License along with
      14             :   TALER; see the file COPYING.  If not, see <http://www.gnu.org/licenses/>
      15             : */
      16             : /**
      17             :  * @file util/secmod_common.c
      18             :  * @brief Common functions for the exchange security modules
      19             :  * @author Florian Dold <dold@taler.net>
      20             :  */
      21             : #include "platform.h"
      22             : #include "taler_util.h"
      23             : #include "taler_signatures.h"
      24             : 
      25             : struct GNUNET_NETWORK_Handle *
      26          20 : TES_open_socket (const char *unixpath)
      27             : {
      28             :   int sock;
      29             :   mode_t old_umask;
      30          20 :   struct GNUNET_NETWORK_Handle *ret = NULL;
      31             : 
      32             :   /* Change permissions so that group read/writes are allowed.
      33             :    * We need this for multi-user exchange deployment with privilege
      34             :    * separation, where taler-exchange-httpd is part of a group
      35             :    * that allows it to talk to secmod.
      36             :    */
      37          20 :   old_umask = umask (S_IROTH | S_IWOTH | S_IXOTH);
      38             : 
      39          20 :   sock = socket (PF_UNIX,
      40             :                  SOCK_DGRAM,
      41             :                  0);
      42          20 :   if (-1 == sock)
      43             :   {
      44           0 :     GNUNET_log_strerror (GNUNET_ERROR_TYPE_ERROR,
      45             :                          "socket");
      46           0 :     goto cleanup;
      47             :   }
      48             :   {
      49             :     struct sockaddr_un un;
      50             : 
      51          20 :     if (GNUNET_OK !=
      52          20 :         GNUNET_DISK_directory_create_for_file (unixpath))
      53             :     {
      54           0 :       GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
      55             :                                 "mkdir(dirname)",
      56             :                                 unixpath);
      57             :     }
      58          20 :     if (0 != unlink (unixpath))
      59             :     {
      60          20 :       if (ENOENT != errno)
      61           0 :         GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_WARNING,
      62             :                                   "unlink",
      63             :                                   unixpath);
      64             :     }
      65          20 :     memset (&un,
      66             :             0,
      67             :             sizeof (un));
      68          20 :     un.sun_family = AF_UNIX;
      69          20 :     strncpy (un.sun_path,
      70             :              unixpath,
      71             :              sizeof (un.sun_path) - 1);
      72          20 :     if (0 != bind (sock,
      73             :                    (const struct sockaddr *) &un,
      74             :                    sizeof (un)))
      75             :     {
      76           0 :       GNUNET_log_strerror_file (GNUNET_ERROR_TYPE_ERROR,
      77             :                                 "bind",
      78             :                                 unixpath);
      79           0 :       GNUNET_break (0 == close (sock));
      80           0 :       goto cleanup;
      81             :     }
      82          20 :     ret = GNUNET_NETWORK_socket_box_native (sock);
      83             :   }
      84          20 : cleanup:
      85          20 :   (void) umask (old_umask);
      86          20 :   return ret;
      87             : }

Generated by: LCOV version 1.14