X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fcontrol.c;h=84098be5388471129c887c0e6220eb9dddd102b0;hb=a38e0d621397d6d69c939ccc287d5a803b668195;hp=cc5bbb0a016db770b90b93631e1b121d3b598ed9;hpb=f5bb64b36ae0807cdd3f241f81a8e933065437f6;p=tinc

diff --git a/src/control.c b/src/control.c
index cc5bbb0a..84098be5 100644
--- a/src/control.c
+++ b/src/control.c
@@ -1,6 +1,6 @@
 /*
     control.c -- Control socket handling.
-    Copyright (C) 2012 Guus Sliepen <guus@tinc-vpn.org>
+    Copyright (C) 2013 Guus Sliepen <guus@tinc-vpn.org>
 
     This program is free software; you can redistribute it and/or modify
     it under the terms of the GNU General Public License as published by
@@ -137,17 +137,16 @@ bool init_control(void) {
 	randomize(controlcookie, sizeof controlcookie / 2);
 	bin2hex(controlcookie, controlcookie, sizeof controlcookie / 2);
 
+	mode_t mask = umask(0);
+	umask(mask | 077);
 	FILE *f = fopen(pidfilename, "w");
+	umask(mask);
+
 	if(!f) {
 		logger(DEBUG_ALWAYS, LOG_ERR, "Cannot write control socket cookie file %s: %s", pidfilename, strerror(errno));
 		return false;
 	}
 
-#ifdef HAVE_FCHMOD
-	fchmod(fileno(f), 0600);
-#else
-	chmod(pidfilename, 0600);
-#endif
 	// Get the address and port of the first listening socket
 
 	char *localhost = NULL;
@@ -157,7 +156,7 @@ bool init_control(void) {
 	// Make sure we have a valid address, and map 0.0.0.0 and :: to 127.0.0.1 and ::1.
 
 	if(getsockname(listen_socket[0].tcp.fd, (struct sockaddr *)&sa, &len)) {
-		xasprintf(&localhost, "127.0.0.1 port %d", myport);
+		xasprintf(&localhost, "127.0.0.1 port %s", myport);
 	} else {
 		if(sa.sa.sa_family == AF_INET) {
 			if(sa.in.sin_addr.s_addr == 0)