diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2021-02-24 21:06:48 +0100 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2021-02-24 21:08:28 +0100 |
| commit | faab30461b0f2b920e3dd19489ce458c0b38e6d9 (patch) | |
| tree | 0b7a760c5dac69f245a91185cbaa9c3183947eae | |
| parent | d1a862d9cb98a54e12c9fdbc405b896f3f0efcfe (diff) | |
If restricting access via umask() fails, don't include errno in the error message.
errno is not set on umask failure, see
https://perldoc.perl.org/functions/umask.
| -rw-r--r-- | Changelog | 2 | ||||
| -rwxr-xr-x | lacme | 4 | ||||
| -rwxr-xr-x | lacme-accountd | 4 |
3 files changed, 6 insertions, 4 deletions
@@ -236,6 +236,8 @@ lacme (0.2) upstream; directories. New default "lacme-certs.conf lacme-certs.conf.d/". - Minor manpage fixes - More useful message upon Validation Challenge failure. + - If restricting access via umask() fails, don't include errno in the + error message as it's not set on failure. -- Guilhem Moulin <guilhem@guilhem.org> Sat, 03 Dec 2016 16:40:56 +0100 @@ -376,14 +376,14 @@ sub spawn_webserver() { if ($domain == AF_UNIX) { # bind(2) with a loose umask(2) to allow anyone to connect - my $umask = umask(0111) // die "umask: $!"; + my $umask = umask(0111) // die; my $path = Socket::unpack_sockaddr_un($sockaddr); bind($sock, $sockaddr) or die "Couldn't bind to $p: $!"; push @CLEANUP, sub() { print STDERR "Unlinking $path\n" if $OPTS{debug}; unlink $path or warn "Warning: Couldn't unlink $path: $!"; }; - umask($umask) // die "umask: $!"; + umask($umask) // die; } else { bind($sock, $sockaddr) or die "Couldn't bind to $p: $!"; diff --git a/lacme-accountd b/lacme-accountd index a35ac88..98c11ad 100755 --- a/lacme-accountd +++ b/lacme-accountd @@ -215,7 +215,7 @@ unless (defined $OPTS{stdio}) { my @stat = stat($dirname) or error("stat($dirname): $!"); error("Insecure permissions on $dirname") if ($stat[2] & 0022) != 0; - my $umask = umask(0177) // panic("umask: $!"); + my $umask = umask(0177) // panic(); logmsg($LOG_VERBOSE => "Starting lacme Account Key Manager at $sockname"); socket(my $sock, PF_UNIX, SOCK_STREAM, 0) or panic("socket: $!"); @@ -225,7 +225,7 @@ unless (defined $OPTS{stdio}) { ($SOCKNAME, $S) = ($sockname, $sock); listen($S, 1) or panic("listen: $!"); - umask($umask) // panic("umask: $!"); + umask($umask) // panic(); }; |