From 74c7fec42e97f9686a6fdc3e5965ba875069ab94 Mon Sep 17 00:00:00 2001
From: Amos Jeffries <squid3@treenet.co.nz>
Date: Fri, 2 May 2008 23:12:10 +1200
Subject: [PATCH] Author: Alex Rousskov <rousskov@measurement-factory.com> Bug
 2254: umask support needs porting from 2.6

---
 src/cache_cf.cc |  1 +
 src/cf.data.pre | 12 ++++++++++++
 src/main.cc     |  3 ++-
 src/protos.h    |  1 +
 src/structs.h   |  1 +
 src/tools.cc    | 11 +++++++++++
 6 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/src/cache_cf.cc b/src/cache_cf.cc
index 89deda6176..4056090ace 100644
--- a/src/cache_cf.cc
+++ b/src/cache_cf.cc
@@ -389,6 +389,7 @@ parseConfigFile(const char *file_name, CacheManager & manager)
 
     if (!Config.chroot_dir) {
         leave_suid();
+        setUmask(Config.umask);
         _db_init(Config.Log.log, Config.debugOptions);
         enter_suid();
     }
diff --git a/src/cf.data.pre b/src/cf.data.pre
index e9c0709492..1d0c116244 100644
--- a/src/cf.data.pre
+++ b/src/cf.data.pre
@@ -3319,6 +3319,18 @@ DOC_START
 	A list of other DNS names your cache has.
 DOC_END
 
+NAME: umask
+TYPE: int
+LOC: Config.umask
+DEFAULT: 027
+DOC_START
+	Minimum umask which should be enforced while the proxy
+	is running, in addition to the umask set at startup.
+
+	For a traditional octal representation of umasks, start
+        your value with 0.
+DOC_END
+
 COMMENT_START
  OPTIONS FOR THE CACHE REGISTRATION SERVICE
  -----------------------------------------------------------------------------
diff --git a/src/main.cc b/src/main.cc
index 2434181ff0..28bd54fc5c 100644
--- a/src/main.cc
+++ b/src/main.cc
@@ -632,6 +632,7 @@ mainReconfigure(void)
     errorClean();
     enter_suid();		/* root to read config file */
     parseConfigFile(ConfigFile, manager);
+    setUmask(Config.umask);
     Mem::Report();
     setEffectiveUser();
     _db_init(Config.Log.log, Config.debugOptions);
@@ -1068,7 +1069,6 @@ int
 main(int argc, char **argv)
 #endif
 {
-    mode_t oldmask;
 #ifdef _SQUID_WIN32_
 
     int WIN32_init_err;
@@ -1211,6 +1211,7 @@ main(int argc, char **argv)
 
             return parse_err;
     }
+    setUmask(Config.umask);
     if (-1 == opt_send_signal)
         if (checkRunningPid())
             exit(1);
diff --git a/src/protos.h b/src/protos.h
index 72e19d5f0a..a47aeb98cd 100644
--- a/src/protos.h
+++ b/src/protos.h
@@ -663,6 +663,7 @@ SQUIDCEXTERN int xrename(const char *from, const char *to);
 SQUIDCEXTERN int isPowTen(int);
 SQUIDCEXTERN void parseEtcHosts(void);
 SQUIDCEXTERN int getMyPort(void);
+SQUIDCEXTERN void setUmask(mode_t mask);
 
 SQUIDCEXTERN char *strwordtok(char *buf, char **t);
 SQUIDCEXTERN void strwordquote(MemBuf * mb, const char *str);
diff --git a/src/structs.h b/src/structs.h
index 67749d902c..3cdaa4a507 100644
--- a/src/structs.h
+++ b/src/structs.h
@@ -740,6 +740,7 @@ struct _SquidConfig
 #endif
 
     char *accept_filter;
+    int umask;
 };
 
 struct _SquidConfig2
diff --git a/src/tools.cc b/src/tools.cc
index 9f890a52c9..3c6e191d1f 100644
--- a/src/tools.cc
+++ b/src/tools.cc
@@ -1272,6 +1272,17 @@ getMyPort(void)
     return 0;			/* NOT REACHED */
 }
 
+/*
+ * Set the umask to at least the given mask. This is in addition
+ * to the umask set at startup
+ */
+void
+setUmask(mode_t mask)
+{
+    // No way to get the current umask value without setting it.
+    static const mode_t orig_umask = umask(mask); // once, to get
+    umask(mask | orig_umask); // always, to set
+}
 
 /*
  * Inverse of strwordtok. Quotes a word if needed
-- 
2.47.2