X-Git-Url: https://www.tinc-vpn.org/git/browse?a=blobdiff_plain;f=src%2Fnet_setup.c;h=0fedafa84b66b84bc532179fa6b2b04606b47d0a;hb=a38e0d621397d6d69c939ccc287d5a803b668195;hp=8ae1e72bbaafd3d90cd1118c2faa3085b36032cb;hpb=2eba7933053d7d21bf82e647978ee90abe98dc3a;p=tinc

diff --git a/src/net_setup.c b/src/net_setup.c
index 8ae1e72b..0fedafa8 100644
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -711,7 +711,12 @@ static bool setup_myself(void) {
 	get_config_bool(lookup_config(config_tree, "TunnelServer"), &tunnelserver);
 	strictsubnets |= tunnelserver;
 
-
+	if(get_config_int(lookup_config(config_tree, "MaxConnectionBurst"), &max_connection_burst)) {
+		if(max_connection_burst <= 0) {
+			logger(DEBUG_ALWAYS, LOG_ERR, "MaxConnectionBurst cannot be negative!");
+			return false;
+		}
+	}
 
 	if(get_config_int(lookup_config(config_tree, "UDPRcvBuf"), &udp_rcvbuf)) {
 		if(udp_rcvbuf <= 0) {
@@ -863,7 +868,12 @@ static bool setup_myself(void) {
 
 	unlink(unixsocketname);
 
-	if(bind(unix_fd, (struct sockaddr *)&sa, sizeof sa) < 0) {
+	mode_t mask = umask(0);
+	umask(mask | 077);
+	int result = bind(unix_fd, (struct sockaddr *)&sa, sizeof sa);
+	umask(mask);
+
+	if(result < 0) {
 		logger(DEBUG_ALWAYS, LOG_ERR, "Could not bind UNIX socket to %s: %s", unixsocketname, sockstrerror(errno));
 		return false;
 	}