cups/usersys.c:
- cupsServer(): Only use domain socket if it is rwx for others.
scheduler/listen.c:
- cupsdStartListening(): Fix indentation of preprocessor
directives (# must appear in column 0/1)
git-svn-id: svn+ssh://src.apple.com/svn/cups/cups.org/trunk@5041
7a7537e8-13f0-0310-91df-
b6672ffda945
#include "http-private.h"
#include "globals.h"
#include <stdlib.h>
#include "http-private.h"
#include "globals.h"
#include <stdlib.h>
#ifdef WIN32
# include <windows.h>
#endif /* WIN32 */
#ifdef WIN32
# include <windows.h>
#endif /* WIN32 */
char line[1024], /* Line from file */
*value; /* Value on line */
int linenum; /* Line number in file */
char line[1024], /* Line from file */
*value; /* Value on line */
int linenum; /* Line number in file */
+#ifdef CUPS_DEFAULT_DOMAINSOCKET
+ struct stat sockinfo; /* Domain socket information */
+#endif /* CUPS_DEFAULT_DOMAINSOCKET */
_cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
_cups_globals_t *cg = _cupsGlobals(); /* Pointer to library globals */
}
#ifdef CUPS_DEFAULT_DOMAINSOCKET
}
#ifdef CUPS_DEFAULT_DOMAINSOCKET
- if (!access(CUPS_DEFAULT_DOMAINSOCKET, 0))
+ /*
+ * If we are compiled with domain socket support, only use the
+ * domain socket if it exists and has the right permissions...
+ */
+
+ if (!stat(CUPS_DEFAULT_DOMAINSOCKET, &sockinfo) &&
+ (sockinfo.st_mode & S_IRWXO) == S_IRWXO)
server = CUPS_DEFAULT_DOMAINSOCKET;
else
#endif /* CUPS_DEFAULT_DOMAINSOCKET */
server = CUPS_DEFAULT_DOMAINSOCKET;
else
#endif /* CUPS_DEFAULT_DOMAINSOCKET */
setsockopt(lis->fd, SOL_SOCKET, SO_REUSEADDR, (char *)&val, sizeof(val));
setsockopt(lis->fd, SOL_SOCKET, SO_REUSEADDR, (char *)&val, sizeof(val));
setsockopt(lis->fd, SOL_SOCKET, SO_REUSEADDR, &val, sizeof(val));
setsockopt(lis->fd, SOL_SOCKET, SO_REUSEADDR, &val, sizeof(val));
/*
* Bind to the port we found...
*/
/*
* Bind to the port we found...
*/
if (lis->address.addr.sa_family == AF_INET6)
{
if (lis->address.addr.sa_family == AF_INET6)
{
/*
* Accept only IPv6 connections on this socket, to avoid
* potential security issues and to make all platforms behave
/*
* Accept only IPv6 connections on this socket, to avoid
* potential security issues and to make all platforms behave
setsockopt(lis->fd, IPPROTO_IPV6, IPV6_V6ONLY, (char *)&val, sizeof(val));
setsockopt(lis->fd, IPPROTO_IPV6, IPV6_V6ONLY, (char *)&val, sizeof(val));
setsockopt(lis->fd, IPPROTO_IPV6, IPV6_V6ONLY, &val, sizeof(val));
setsockopt(lis->fd, IPPROTO_IPV6, IPV6_V6ONLY, &val, sizeof(val));
- # endif /* __sun */
- # endif /* IPV6_V6ONLY */
+# endif /* __sun */
+# endif /* IPV6_V6ONLY */
status = bind(lis->fd, (struct sockaddr *)&(lis->address),
httpAddrLength(&(lis->address)));
}
else
status = bind(lis->fd, (struct sockaddr *)&(lis->address),
httpAddrLength(&(lis->address)));
}
else
- #endif /* AF_INET6 */
- #ifdef AF_LOCAL
+#endif /* AF_INET6 */
+#ifdef AF_LOCAL
if (lis->address.addr.sa_family == AF_LOCAL)
{
mode_t mask; /* Umask setting */
if (lis->address.addr.sa_family == AF_LOCAL)
{
mode_t mask; /* Umask setting */
status = bind(lis->fd, (struct sockaddr *)&(lis->address),
sizeof(lis->address.ipv4));
status = bind(lis->fd, (struct sockaddr *)&(lis->address),
sizeof(lis->address.ipv4));