X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Finvitation.c;h=f1cde581584ea80227f3212a3edad251997fae0b;hb=de8e6bf452227094a8aadd32dd5ea0d94d4b5db9;hp=e5085cea85772e9028f0f64e5fe5339692b29975;hpb=a1f4f14c6c5e269c901e6e019418fb8f789cf96b;p=tinc diff --git a/src/invitation.c b/src/invitation.c index e5085cea..f1cde581 100644 --- a/src/invitation.c +++ b/src/invitation.c @@ -519,12 +519,12 @@ make_names: goto make_names; } - if(mkdir(confbase, 0755) && errno != EEXIST) { + if(mkdir(confbase, 0777) && errno != EEXIST) { fprintf(stderr, "Could not create directory %s: %s\n", confbase, strerror(errno)); return false; } - if(mkdir(hosts_dir, 0755) && errno != EEXIST) { + if(mkdir(hosts_dir, 0777) && errno != EEXIST) { fprintf(stderr, "Could not create directory %s: %s\n", hosts_dir, strerror(errno)); return false; } @@ -652,12 +652,7 @@ make_names: return false; xasprintf(&filename, "%s" SLASH "ecdsa_key.priv", confbase); - f = fopen(filename, "w"); - -#ifdef HAVE_FCHMOD - /* Make it unreadable for others. */ - fchmod(fileno(f), 0600); -#endif + f = fopenmask(filename, "w", 0600); if(!ecdsa_write_pem_private_key(key, f)) { fprintf(stderr, "Error writing private key!\n"); @@ -676,12 +671,7 @@ make_names: rsa_t *rsa = rsa_generate(2048, 0x1001); xasprintf(&filename, "%s" SLASH "rsa_key.priv", confbase); - f = fopen(filename, "w"); - -#ifdef HAVE_FCHMOD - /* Make it unreadable for others. */ - fchmod(fileno(f), 0600); -#endif + f = fopenmask(filename, "w", 0600); rsa_write_pem_private_key(rsa, f); fclose(f); @@ -772,7 +762,12 @@ int cmd_join(int argc, char *argv[]) { } // Make sure confbase exists and is accessible. - if(mkdir(confbase, 0755) && errno != EEXIST) { + if(strcmp(confdir, confbase) && mkdir(confdir, 0755) && errno != EEXIST) { + fprintf(stderr, "Could not create directory %s: %s\n", confdir, strerror(errno)); + return 1; + } + + if(mkdir(confbase, 0777) && errno != EEXIST) { fprintf(stderr, "Could not create directory %s: %s\n", confbase, strerror(errno)); return 1; } @@ -886,7 +881,7 @@ int cmd_join(int argc, char *argv[]) { return 1; } - // Check if the hash of the key he have us matches the hash in the URL. + // Check if the hash of the key he gave us matches the hash in the URL. char *fingerprint = line + 2; digest_t *digest = digest_open_by_name("sha256", 18); if(!digest)