[pan2/testing: 245/279] suggestion from : pan 2011 11 16 06 11 11 cox net by Duncan * changed umask for directories from 755
- From: Heinrich MÃller <henmull src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [pan2/testing: 245/279] suggestion from : pan 2011 11 16 06 11 11 cox net by Duncan * changed umask for directories from 755
- Date: Sat, 3 Dec 2011 22:42:05 +0000 (UTC)
commit 6ffb80bd30e931bec3f0e15afa57f63a5704c648
Author: Heinrich MÃller <sphemuel stud informatik uni-erlangen de>
Date: Wed Nov 16 09:46:44 2011 +0100
suggestion from : pan 2011 11 16 06 11 11 cox net by Duncan
* changed umask for directories from 755 to 740
* checked for executable bit when creating new subdirs/checking for paths
pan/data-impl/cert-store.cc | 10 +++++-
pan/general/file-util.cc | 70 +++++++++++++++++++++++++++++++++++++++---
pan/general/file-util.h | 3 ++
pan/gui/gui.cc | 4 ++-
pan/gui/server-ui.cc | 16 +++++++--
5 files changed, 92 insertions(+), 11 deletions(-)
---
diff --git a/pan/data-impl/cert-store.cc b/pan/data-impl/cert-store.cc
index b13cf75..b549883 100644
--- a/pan/data-impl/cert-store.cc
+++ b/pan/data-impl/cert-store.cc
@@ -96,7 +96,9 @@ CertStore :: get_all_certs_from_disk(std::set<X509*>& setme)
g_snprintf (filename, sizeof(filename), "%s%c%s", _path.c_str(), G_DIR_SEPARATOR, fname);
FILE *fp = fopen(filename,"r");
+ if (!fp) continue;
X509 *x = X509_new();
+ if (!x) { fclose(fp); continue; }
PEM_read_X509(fp,&x, 0, 0);
fclose(fp);
setme.insert(x);
@@ -160,8 +162,13 @@ CertStore :: CertStore ()
{
char buf[2048];
g_snprintf(buf,sizeof(buf),"%s%cssl_certs",file::get_pan_home().c_str(), G_DIR_SEPARATOR);
- file::ensure_dir_exists (buf);
_path = buf;
+ if (!file::ensure_dir_exists (buf))
+ {
+ std::cerr<<"Error initializing certstore. Check your permissions for the directory \"ssl-certs\" and main subfolder in your home directory! Fatal, exiting.";
+ file::print_file_info(std::cerr, buf);
+ exit(EXIT_FAILURE);
+ }
}
CertStore :: ~CertStore ()
@@ -182,6 +189,7 @@ CertStore :: add(X509* cert, const Quark& server)
char buf[2048];
g_snprintf(buf,sizeof(buf),"%s%c%s.pem",_path.c_str(),G_DIR_SEPARATOR,server.c_str());
FILE * fp = fopen(buf, "wb");
+ if (!fp) return false;
PEM_write_X509(fp, cert);
fclose(fp);
chmod (buf, 0600);
diff --git a/pan/general/file-util.cc b/pan/general/file-util.cc
index 6b3ea29..8b97daa 100644
--- a/pan/general/file-util.cc
+++ b/pan/general/file-util.cc
@@ -28,23 +28,47 @@ extern "C"
#include <unistd.h>
#include <sys/stat.h>
#include <sys/types.h>
-
#include <glib.h>
#include <glib/gi18n.h>
-
- #include <dirent.h>
+ #include <pwd.h>
}
#include "debug.h"
#include "log.h"
#include "messages.h"
#include "file-util.h"
+#include "e-util.h"
#include "utf8-utils.h"
#include <algorithm>
using namespace pan;
#define is_nonempty_string(a) ((a) && (*a))
+#define NL std::endl
+
+std::ostream&
+file :: print_file_info (std::ostream& os, const char* file)
+{
+ EvolutionDateMaker dm;
+ struct stat sb;
+ int ret = stat(file,&sb);
+
+ os << "File information for file "<<file<<NL;
+ if (ret)
+ {
+ os << "File not found / accessible!"<<NL;
+ return os;
+ }
+ os << "Umask : "<<sb.st_mode<<NL;
+ os << "User ID : "<< sb.st_uid<<NL;
+ os << "Group ID : "<< sb.st_gid<<NL;
+ os << "Size (Bytes) : "<<sb.st_size<<NL;
+ os << "Last accessed : "<<dm.get_date_string(sb.st_atime)<<NL;
+ os << "Last modified : "<<dm.get_date_string(sb.st_mtime)<<NL;
+ os << "Last status change : "<<dm.get_date_string(sb.st_ctime)<<NL;
+
+ return os;
+}
/***
****
@@ -77,6 +101,26 @@ file :: pan_strerror (int error_number)
return pch && *pch ? pch : "";
}
+namespace
+{
+
+ enum EX_ERRORS
+ {
+ EX_NOFILE, EX_BIT, EX_SUCCESS
+ };
+
+ EX_ERRORS check_executable_bit(const char* d)
+ {
+ struct stat sb;
+ if (stat (d, &sb) == -1) return EX_NOFILE;
+ const char* user(g_get_user_name());
+ struct passwd* pw(getpwnam(user));
+ if (sb.st_mode & S_IXUSR || ((sb.st_mode & S_IXGRP ) && pw->pw_gid == sb.st_gid))
+ return EX_SUCCESS;
+ return EX_BIT;
+ }
+}
+
bool
file :: ensure_dir_exists (const StringView& dirname_sv)
{
@@ -84,11 +128,27 @@ file :: ensure_dir_exists (const StringView& dirname_sv)
pan_return_val_if_fail (!dirname_sv.empty(), true);
bool retval (true);
-
const std::string dirname (dirname_sv.to_string());
+ EX_ERRORS cmd (check_executable_bit(dirname.c_str()));
+ if (cmd == EX_BIT) goto _set_bit;
+
if (!g_file_test (dirname.c_str(), G_FILE_TEST_IS_DIR))
- retval = !g_mkdir_with_parents (dirname.c_str(), 0755);
+ retval = !g_mkdir_with_parents (dirname.c_str(), 0740); // changed from 755
+ if (!retval)
+ {
+ // check for executable bit
+ Log::add_err_va("Error creating directory '%s' : %s", dirname.c_str(),
+ cmd == EX_NOFILE ? "error accessing file." : "executable bit not set.");
+ // set it manually
+ _set_bit:
+ if (cmd == EX_BIT)
+ if (chmod(dirname.c_str(), 0740))
+ {
+ Log::add_urgent_va("Error setting executable bit for directory '%s' : Please check your permissions.", dirname.c_str());
+ print_file_info(std::cerr,dirname.c_str());
+ }
+ }
return retval;
}
diff --git a/pan/general/file-util.h b/pan/general/file-util.h
index a81f751..4f49d1b 100644
--- a/pan/general/file-util.h
+++ b/pan/general/file-util.h
@@ -49,6 +49,9 @@ namespace pan
*/
namespace file
{
+ /** Stats a file and prints out some useful info. Umask etc.... */
+ std::ostream& print_file_info (std::ostream&, const char*);
+
/** just like strerror but never returns NULL */
const char * pan_strerror (int error_number);
diff --git a/pan/gui/gui.cc b/pan/gui/gui.cc
index 23c8071..8597758 100644
--- a/pan/gui/gui.cc
+++ b/pan/gui/gui.cc
@@ -805,6 +805,7 @@ void GUI :: on_log_entry_added (const Log::Entry& e)
set_bin_child (_event_log_button, _error_image);
if (_queue.is_online() && (e.severity & Log::PAN_SEVERITY_URGENT)) {
+ gdk_threads_enter();
GtkWidget * w = gtk_message_dialog_new (get_window(_root),
GtkDialogFlags(GTK_DIALOG_MODAL|GTK_DIALOG_DESTROY_WITH_PARENT),
GTK_MESSAGE_ERROR,
@@ -812,6 +813,7 @@ void GUI :: on_log_entry_added (const Log::Entry& e)
"%s", e.message.c_str());
g_signal_connect_swapped (w, "response", G_CALLBACK (gtk_widget_destroy), w);
gtk_widget_show_all (w);
+ gdk_threads_leave();
}
}
@@ -2099,7 +2101,7 @@ GUI :: on_verify_cert_failed(X509* cert, std::string server, int nr)
if (!cert) return;
if (GUI::confirm_accept_new_cert_dialog(get_window(_root),cert,server))
if (!_certstore.add(cert, server))
- Log::add_err_va("Error adding certificate of server '%s' to Certificate Store",server.c_str());
+ Log::add_urgent_va("Error adding certificate of server '%s' to Certificate Store",server.c_str());
}
diff --git a/pan/gui/server-ui.cc b/pan/gui/server-ui.cc
index 0310551..4403fad 100644
--- a/pan/gui/server-ui.cc
+++ b/pan/gui/server-ui.cc
@@ -27,8 +27,8 @@ extern "C" {
#include <gtk/gtk.h>
}
-//#include <pan/usenet-utils/ssl-utils.h>
#include <pan/icons/pan-pixbufs.h>
+#include <pan/general/file-util.h>
#include <pan/general/macros.h>
#include <pan/general/quark.h>
#include <pan/data/data.h>
@@ -735,12 +735,20 @@ namespace
if (!ret.empty() )
{
std::string addr; int port;
- FILE *fp = fopen(ret.c_str(),"r");
- X509 *x = X509_new();
+ FILE *fp = fopen(ret.c_str(),"rb");
+ X509 *x;
+ if (!fp) goto _err;
+ x = X509_new();
+ if (!x) { fclose(fp); goto _err; }
PEM_read_X509(fp,&x, 0, 0);
fclose(fp);
d->data.get_server_addr(selected_server, addr, port);
- store.add(x,addr);
+ if (!store.add(x,addr))
+ {
+ _err:
+ Log::add_err_va("Error adding certificate of server '%s' to CertStore. Check the console output!", addr.c_str());
+ file::print_file_info(std::cerr,ret.c_str());
+ }
sec_tree_view_refresh (d);
}
}
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
